Aller au contenu

leredge

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    26

  • Inscription

  • Dernière visite

 Type de contenu 

Tout ce qui a été posté par leredge

  1. leredge
    re, j'ai déjà effectué tout cela aujourd'hui et les jours précédents... @+, leredge
  2. leredge
    re, voici le nouveau rapport de Clean ci-dessous: Script execute en mode sans echec Rapport clean par Malekal_morte - http://www.malekal.com Script execute en mode sans echec 05/09/2008 a 16:31:54,87 Microsoft Windows XP [version 5.1.2600] *** Suppression des fichiers dans C: *** Suppression des fichiers dans C:\WINDOWS\ *** Suppression des fichiers dans C:\WINDOWS\system32 tentative de suppression de "C:\WINDOWS\Downloaded Program Files\CONFLICT.1" *** Suppression des fichiers dans C:\Program Files *** Suppression des clefs du registre effectuee.. *** Fin du rapport ! L'ordi. a le même comportement, cela n'a pas effectué de changement majeur... dans sa procédure d'exécution en mode sans échec, le programme Clean a compressé les programmes non utilisés, supprimé des clefs du registre. @+, leredge
  3. leredge
    re, voici le rapport de Clean 05/09/2008 a 11:42:04,21 *** Recherche des fichiers dans C: *** Recherche des fichiers dans C:\WINDOWS\ *** Recherche des fichiers dans C:\WINDOWS\system32 "C:\WINDOWS\Downloaded Program Files\CONFLICT.1" FOUND *** Recherche des fichiers dans C:\Program Files *** Fin du rapport ! @+, leredge.
  4. leredge
    Salut chrifleur, En exécutant le programme DiagHelp un encart c'est ouvert et il m'a fallut m'y reprendre à trois pour le fermer. Voici ce qu'il disait : You can also use the /accepteula command-line swich to accept the EULA les choix : Print, Agree ou Decline. SYSINTERNALS SOFTWARE LICENSE TERMS These license terms are an agreement between Sysinternals (a wholly owned subsidiary of Microsoft Corporation) and you. Please read them. They apply to the software you are downloading from Systinternals.com, which includes the media on which you received it, if any. The terms also apply to any Sysinternals · updates, · supplements, · Internet-based services, and · support services for this software, unless other terms accompany those items. If so, those terms apply. BY USING THE SOFTWARE, YOU ACCEPT THESE TERMS. IF YOU DO NOT ACCEPT THEM, DO NOT USE THE SOFTWARE. If you comply with these license terms, you have the rights below. 1. INSTALLATION AND USE RIGHTS. You may install and use any number of copies of the software on your devices. 2. Scope of License. The software is licensed, not sold. This agreement only gives you some rights to use the software. Sysinternals reserves all other rights. Unless applicable law gives you more rights despite this limitation, you may use the software only as expressly permitted in this agreement. In doing so, you must comply with any technical limitations in the software that only allow you to use it in certain ways. You may not · work around any technical limitations in the binary versions of the software; · reverse engineer, decompile or disassemble the binary versions of the software, except and only to the extent that applicable law expressly permits, despite this limitation; · make more copies of the software than specified in this agreement or allowed by applicable law, despite this limitation; · publish the software for others to copy; · rent, lease or lend the software; · transfer the software or this agreement to any third party; or · use the software for commercial software hosting services. 3. DOCUMENTATION. Any person that has valid access to your computer or internal network may copy and use the documentation for your internal, reference purposes. 4. Export Restrictions. The software is subject to United States export laws and regulations. You must comply with all domestic and international export laws and regulations that apply to the software. These laws include restrictions on destinations, end users and end use. For additional information, see www.microsoft.com/exporting <http://www.microsoft.com/exporting>. 5. SUPPORT SERVICES. Because this software is "as is," we may not provide support services for it. 6. Entire Agreement. This agreement, and the terms for supplements, updates, Internet-based services and support services that you use, are the entire agreement for the software and support services. 7. Applicable Law. a. United States. If you acquired the software in the United States, Washington state law governs the interpretation of this agreement and applies to claims for breach of it, regardless of conflict of laws principles. The laws of the state where you live govern all other claims, including claims under state consumer protection laws, unfair competition laws, and in tort. b. Outside the United States. If you acquired the software in any other country, the laws of that country apply. 8. Legal Effect. This agreement describes certain legal rights. You may have other rights under the laws of your country. You may also have rights with respect to the party from whom you acquired the software. This agreement does not change your rights under the laws of your country if the laws of your country do not permit it to do so. 9. Disclaimer of Warranty. The software is licensed "as-is." You bear the risk of using it. SYSINTERNALS gives no express warranties, guarantees or conditions. You may have additional consumer rights under your local laws which this agreement cannot change. To the extent permitted under your local laws, SYSINTERNALS excludes the implied warranties of merchantability, fitness for a particular purpose and non-infringement. 10. Limitation on and Exclusion of Remedies and Damages. You can recover from SYSINTERNALS and its suppliers only direct damages up to U.S. $5.00. You cannot recover any other damages, including consequential, lost profits, special, indirect or incidental damages. This limitation applies to · anything related to the software, services, content (including code) on third party Internet sites, or third party programs; and · claims for breach of contract, breach of warranty, guarantee or condition, strict liability, negligence, or other tort to the extent permitted by applicable law. It also applies even if Sysinternals knew or should have known about the possibility of the damages. The above limitation or exclusion may not apply to you because your country may not allow the exclusion or limitation of incidental, consequential or other damages. Please note: As this software is distributed in Quebec, Canada, some of the clauses in this agreement are provided below in French. Remarque : Ce logiciel étant distribué au Québec, Canada, certaines des clauses dans ce contrat sont fournies ci-dessous en français. EXONÉRATION DE GARANTIE. Le logiciel visé par une licence est offert « tel quel ». Toute utilisation de ce logiciel est à votre seule risque et péril. Sysinternals n'accorde aucune autre garantie expresse. Vous pouvez bénéficier de droits additionnels en vertu du droit local sur la protection dues consommateurs, que ce contrat ne peut modifier. La ou elles sont permises par le droit locale, les garanties implicites de qualité marchande, d'adéquation à un usage particulier et d'absence de contrefaçon sont exclues. LIMITATION DES DOMMAGES-INTÉRÊTS ET EXCLUSION DE RESPONSABILITÉ POUR LES DOMMAGES. Vous pouvez obtenir de Sysinternals et de ses fournisseurs une indemnisation en cas de dommages directs uniquement à hauteur de 5,00 $ US. Vous ne pouvez prétendre à aucune indemnisation pour les autres dommages, y compris les dommages spéciaux, indirects ou accessoires et pertes de bénéfices. Cette limitation concerne : · tout ce qui est relié au logiciel, aux services ou au contenu (y compris le code) figurant sur des sites Internet tiers ou dans des programmes tiers ; et · les réclamations au titre de violation de contrat ou de garantie, ou au titre de responsabilité stricte, de négligence ou d'une autre faute dans la limite autorisée par la loi en vigueur. Elle s'applique également, même si Sysinternals connaissait ou devrait connaître l'éventualité d'un tel dommage. Si votre pays n'autorise pas l'exclusion ou la limitation de responsabilité pour les dommages indirects, accessoires ou de quelque nature que ce soit, il se peut que la limitation ou l'exclusion ci-dessus ne s'appliquera pas à votre égard. EFFET JURIDIQUE. Le présent contrat décrit certains droits juridiques. Vous pourriez avoir d'autres droits prévus par les lois de votre pays. Le présent contrat ne modifie pas les droits que vous confèrent les lois de votre pays si celles-ci ne le permettent pas. C'est quoi ce truc ? et voici le rapport diagHelp : DiagHelp version v1.4 - http://www.malekal.com excute le 05/09/2008 à 9:47:38,35 Liste des derniers fichies modifies/crees dans windir\system32 et prefetch C:\WINDOWS\prefetch\CMD.EXE-087B4001.pf -->05/09/2008 09:47:38 C:\WINDOWS\prefetch\CHCP.COM-18156052.pf -->05/09/2008 09:47:37 C:\WINDOWS\prefetch\AVWSC.EXE-347FCF75.pf -->05/09/2008 09:47:30 C:\WINDOWS\prefetch\NOTEPAD.EXE-336351A9.pf -->05/09/2008 09:41:55 C:\WINDOWS\prefetch\VERCLSID.EXE-3667BD89.pf -->05/09/2008 09:40:37 C:\WINDOWS\prefetch\WLLOGINPROXY.EXE-2D4B6027.pf -->05/09/2008 09:39:06 C:\WINDOWS\prefetch\IEXPLORE.EXE-27122324.pf -->05/09/2008 09:38:56 C:\WINDOWS\prefetch\REGEDIT.EXE-1B606482.pf -->05/09/2008 09:34:26 C:\WINDOWS\prefetch\IPCONFIG.EXE-2395F30B.pf -->05/09/2008 09:34:26 C:\WINDOWS\prefetch\FIND.EXE-0EC32F1E.pf -->05/09/2008 09:32:42 C:\WINDOWS\System32\drivers\mbamswissarmy.sys -->02/09/2008 00:16:46 C:\WINDOWS\System32\drivers\mbam.sys -->02/09/2008 00:16:40 C:\WINDOWS\System32\drivers\avipbb.sys -->22/08/2008 07:43:05 C:\WINDOWS\System32\drivers\SynTP.sys -->03/07/2008 15:53:20 C:\WINDOWS\System32\drivers\IBMBLDID.sys -->02/07/2008 00:22:06 C:\WINDOWS\System32\drivers\ANC.sys -->02/07/2008 00:22:04 C:\WINDOWS\System32\drivers\tcpip.sys -->20/06/2008 13:51:12 C:\WINDOWS\System32\PROCDB.INI -->05/09/2008 09:15:21 C:\WINDOWS\System32\TPHDLOG0.LOG -->05/09/2008 09:15:19 C:\WINDOWS\System32\IPSCtrl.INI -->05/09/2008 09:15:11 C:\WINDOWS\System32\oodbs.lor -->05/09/2008 09:14:57 C:\WINDOWS\System32\TPAPSLOG.LOG -->04/09/2008 14:25:02 C:\WINDOWS\System32\EGATHDRV.SYS -->03/09/2008 08:41:53 C:\WINDOWS\System32\mlfcache.dat -->02/09/2008 12:29:58 C:\WINDOWS\System32\PerfStringBackup.INI -->29/08/2008 10:41:04 C:\WINDOWS\System32\perfh00C.dat -->29/08/2008 10:41:04 C:\WINDOWS\System32\perfh009.dat -->29/08/2008 10:41:04 C:\WINDOWS\System32\perfc00C.dat -->29/08/2008 10:41:04 C:\WINDOWS\System32\perfc009.dat -->29/08/2008 10:41:04 C:\WINDOWS\System32\wpa.dbl -->28/08/2008 08:19:02 C:\WINDOWS\System32\spupdwxp.log -->28/08/2008 08:16:34 C:\WINDOWS\System32\FNTCACHE.DAT -->28/08/2008 08:15:38 C:\WINDOWS\System32\d3d9caps.dat -->22/08/2008 08:48:21 C:\WINDOWS\System32\TZLog.log -->18/08/2008 12:03:39 C:\WINDOWS\System32\TUKernel.exe -->09/08/2008 00:28:47 C:\WINDOWS\System32\CONFIG.NT -->05/08/2008 11:32:22 C:\WINDOWS\System32\MRT.exe -->05/08/2008 11:11:02 C:\WINDOWS\System32\TuneUpDefragService.exe -->23/07/2008 13:20:04 C:\WINDOWS\System32\cdm.dll -->18/07/2008 22:10:48 C:\WINDOWS\System32\wuauclt.exe -->18/07/2008 22:10:42 C:\WINDOWS\System32\wups2.dll -->18/07/2008 22:10:40 C:\WINDOWS\System32\wucltui.dll.mui -->18/07/2008 22:10:36 C:\WINDOWS\WindowsUpdate.log -->05/09/2008 09:18:32 C:\WINDOWS\setupapi.log -->05/09/2008 09:15:25 C:\WINDOWS\wiadebug.log -->05/09/2008 09:15:20 C:\WINDOWS\wiaservc.log -->05/09/2008 09:15:17 C:\WINDOWS\0.log -->05/09/2008 09:15:02 C:\WINDOWS\bootstat.dat -->05/09/2008 09:15:01 C:\WINDOWS\SchedLgU.Txt -->05/09/2008 09:13:48 C:\WINDOWS\msnfix.txt -->04/09/2008 11:26:46 C:\WINDOWS\npornap.INI -->31/08/2008 12:21:42 C:\WINDOWS\SynInst.log -->31/08/2008 12:12:25 C:\WINDOWS\setupact.log -->31/08/2008 12:12:11 C:\WINDOWS\iis6.log -->29/08/2008 07:45:02 C:\WINDOWS\tsoc.log -->29/08/2008 07:45:01 C:\WINDOWS\tabletoc.log -->29/08/2008 07:45:01 C:\WINDOWS\ocmsn.log -->29/08/2008 07:45:01 winlogon.exe svchost.exe ws2_32.dll user32.dll tcpip.sys ndis.sys null.sys ListDLLs v2.25 - DLL lister for Win9x/NT Copyright © 1997-2004 Mark Russinovich Sysinternals - www.sysinternals.com ------------------------------------------------------------------------------ explorer.exe pid: 3520 Command line: C:\WINDOWS\Explorer.EXE Base Size Version Path 0x77be0000 0x58000 7.00.2600.5512 C:\WINDOWS\system32\msvcrt.dll 0x779e0000 0x97000 5.131.2600.5512 C:\WINDOWS\system32\CRYPT32.dll 0x76610000 0x84000 5.131.2600.5512 C:\WINDOWS\system32\CRYPTUI.dll 0x44080000 0xd0000 7.00.6000.16705 C:\WINDOWS\system32\WININET.dll 0x00400000 0x9000 6.00.5441.0000 C:\WINDOWS\system32\Normaliz.dll 0x43e00000 0x45000 7.00.6000.16705 C:\WINDOWS\system32\iertutil.dll 0x76be0000 0x2e000 5.131.2600.5512 C:\WINDOWS\system32\WINTRUST.dll 0x58b50000 0x9a000 5.82.2900.5512 C:\WINDOWS\system32\comctl32.dll 0x76f80000 0x7f000 2001.12.4414.0700 C:\WINDOWS\system32\CLBCATQ.DLL 0x77000000 0xd4000 2001.12.4414.0700 C:\WINDOWS\system32\COMRes.dll 0x76ac0000 0x11000 3.05.2284.0001 C:\WINDOWS\system32\ATL.DLL 0x44360000 0x5cd000 7.00.6000.16705 C:\WINDOWS\system32\ieframe.dll 0x44160000 0x127000 7.00.6000.16705 C:\WINDOWS\system32\urlmon.dll 0x76010000 0x65000 6.02.3104.0000 C:\WINDOWS\system32\MSVCP60.dll 0x7d200000 0x2bc000 3.01.4001.5512 C:\WINDOWS\system32\msi.dll 0x442b0000 0x3c000 7.00.6000.16705 C:\WINDOWS\system32\webcheck.dll 0x10000000 0x4e000 1.00.0000.0000 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL 0x5f800000 0xf2000 6.02.8071.0000 C:\WINDOWS\system32\MFC42u.DLL 0x61d70000 0xe000 6.00.8665.0000 C:\WINDOWS\system32\MFC42LOC.DLL 0x00ce0000 0xc000 C:\PROGRA~1\ThinkPad\UTILIT~1\FR\PWRMGRRT.DLL 0x00e10000 0x19000 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRIF.DLL 0x00f40000 0x7000 1.60.0000.0006 C:\WINDOWS\system32\Sensor.dll 0x02ed0000 0x36000 6.14.0010.4926 C:\WINDOWS\system32\igfxdev.dll 0x03060000 0x96000 2.00.0000.0000 C:\Program Files\Lenovo\Client Security Solution\tvtpwm_windows_hook.dll 0x015e0000 0x13000 5.01.0000.4700 C:\WINDOWS\system32\btmmhook.dll 0x74730000 0x3d000 3.525.1132.0000 C:\WINDOWS\system32\ODBC32.dll 0x1f840000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll 0x6bd10000 0x10000 12.00.4518.1014 C:\Program Files\Microsoft Office\Office12\msohevi.dll 0x78130000 0x9b000 8.00.50727.1433 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\MSVCR80.dll 0x00970000 0x2c000 C:\Program Files\WinRAR\rarext.dll 0x00c00000 0x16000 600.00.0000.0002 C:\Program Files\Free Download Manager\FUM\fumshext.dll 0x00c20000 0x9000 2.00.0000.0004 C:\PROGRA~1\TUNEUP~1\SDShelEx-win32.dll 0x00c30000 0x12000 7.00.0000.0015 C:\Program Files\Avira\AntiVir PersonalEdition Classic\shlext.dll 0x7c250000 0x102000 7.10.3077.0000 C:\Program Files\Avira\AntiVir PersonalEdition Classic\MFC71U.DLL 0x02b70000 0x56000 7.10.3052.0004 C:\Program Files\Avira\AntiVir PersonalEdition Classic\MSVCR71.dll 0x5d360000 0xf000 7.10.6030.0000 C:\WINDOWS\system32\MFC71FRA.DLL 0x1c600000 0x7000 1.19.0000.0001 C:\Program Files\Lenovo\SafeGuard PrivateDisk\pdshell.dll 0x1c000000 0xe6000 1.19.0000.0002 C:\Program Files\Lenovo\SafeGuard PrivateDisk\PDLib.dll 0x7c3c0000 0x7c000 7.10.6030.0000 C:\WINDOWS\system32\MSVCP71.dll 0x038c0000 0x138000 1.19.0000.0001 C:\Program Files\Lenovo\SafeGuard PrivateDisk\PDLib040c.dll 0x01400000 0x3000 1.19.0000.0001 C:\Program Files\Lenovo\SafeGuard PrivateDisk\PDShell040c.dll 0x03a00000 0x87000 10.00.0002.3363 C:\PROGRA~1\OOSOFT~1\DEFRAG~1\oodsh.dll 0x03a90000 0x4b000 10.00.0012.1681 C:\PROGRA~1\OOSOFT~1\DEFRAG~1\OODSHRS.DLL 0x03bc0000 0x12000 1.01.0000.0000 C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll ListDLLs v2.25 - DLL lister for Win9x/NT Copyright © 1997-2004 Mark Russinovich Sysinternals - www.sysinternals.com ------------------------------------------------------------------------------ winlogon.exe pid: 1648 Command line: winlogon.exe Base Size Version Path 0x01000000 0x82000 \??\C:\WINDOWS\system32\winlogon.exe 0x77be0000 0x58000 7.00.2600.5512 C:\WINDOWS\system32\msvcrt.dll 0x779e0000 0x97000 5.131.2600.5512 C:\WINDOWS\system32\CRYPT32.dll 0x76be0000 0x2e000 5.131.2600.5512 C:\WINDOWS\system32\WINTRUST.dll 0x58b50000 0x9a000 5.82.2900.5512 C:\WINDOWS\system32\COMCTL32.dll 0x74730000 0x3d000 3.525.1132.0000 C:\WINDOWS\system32\ODBC32.dll 0x1f840000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll 0x10000000 0x8f000 1.02.0059.0000 C:\WINDOWS\system32\tvt_gina.dll 0x00cb0000 0x21a000 7.00.0051.0000 C:\Program Files\Lenovo\Client Security Solution\css_gina_plugin.dll 0x00ed0000 0xd9000 7.00.0051.0000 C:\Program Files\Lenovo\Client Security Solution\css_wait_bar.dll 0x00ab0000 0x40000 7.00.0051.0000 C:\Program Files\Lenovo\Client Security Solution\cssuserdatadispatcher.dll 0x01090000 0x1ce000 7.00.0051.0000 C:\Program Files\Lenovo\Client Security Solution\csswait.dll 0x01260000 0xa8000 1.10.0051.0000 C:\Program Files\Fichiers communs\Lenovo\tvt_banner.dll 0x01310000 0x107000 7.00.0051.0000 C:\Program Files\Lenovo\Client Security Solution\cssdlgpwentry.dll 0x01420000 0x10f000 7.00.0051.0000 C:\Program Files\Lenovo\Client Security Solution\dlganswerprompt.dll 0x01530000 0x55000 1.01.0003.0006 C:\Program Files\Lenovo\Client Security Solution\tvttsp.dll 0x01590000 0xa2000 1.01.0003.0006 C:\Program Files\Lenovo\Client Security Solution\tcsrpc.dll 0x016c0000 0x859000 1.10.0051.0000 C:\Program Files\Fichiers communs\Lenovo\tvt_res.dll 0x7c140000 0x106000 7.10.6030.0000 C:\WINDOWS\system32\MFC71.DLL 0x7c360000 0x56000 7.10.6030.0000 C:\WINDOWS\system32\MSVCR71.dll 0x5d360000 0xf000 7.10.6030.0000 C:\WINDOWS\system32\MFC71FRA.DLL 0x316b0000 0x3c000 5.06.0002.3649 C:\Program Files\ThinkVantage Fingerprint Software\pscssint.dll 0x4eb80000 0x1a6000 5.01.3102.5512 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5512_x-ww_dfb54e0c\gdiplus.dll 0x78130000 0x9b000 8.00.50727.1433 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\MSVCR80.dll 0x30000000 0x4b000 5.06.0002.3649 C:\Program Files\ThinkVantage Fingerprint Software\infra.dll 0x31bb0000 0x11000 5.06.0002.3649 C:\Program Files\ThinkVantage Fingerprint Software\VTI.DLL 0x02310000 0x8000 5.00.0000.0000 C:\Program Files\ThinkPad\ConnectUtilities\ACNotify.dll 0x02320000 0x2a000 5.00.0000.0000 C:\Program Files\ThinkPad\ConnectUtilities\AcSvcStub.dll 0x0a000000 0x30000 5.00.0000.0000 C:\Program Files\ThinkPad\ConnectUtilities\AcLocSettings.dll 0x7c3c0000 0x7c000 7.10.6030.0000 C:\WINDOWS\system32\MSVCP71.dll 0x02350000 0x18000 5.00.0000.0000 C:\Program Files\ThinkPad\ConnectUtilities\ACHelper.dll 0x02430000 0x1a000 5.06.0002.3649 C:\WINDOWS\system32\psqlpwd.dll 0x31320000 0x115000 5.06.0002.3649 C:\Program Files\ThinkVantage Fingerprint Software\homefus2.dll 0x74da0000 0x6d000 5.30.0023.1230 C:\WINDOWS\system32\RICHED20.DLL 0x30280000 0x30f000 5.06.0002.3649 C:\Program Files\ThinkVantage Fingerprint Software\homepass.dll 0x30680000 0x263000 5.06.0002.3649 C:\Program Files\ThinkVantage Fingerprint Software\bio.dll 0x31690000 0xb000 5.06.0002.3649 C:\Program Files\ThinkVantage Fingerprint Software\ps2css.dll 0x300a0000 0xc7000 5.06.0002.3649 C:\Program Files\ThinkVantage Fingerprint Software\remote.dll 0x03170000 0x7000 1.00.0003.0000 C:\Program Files\Lenovo\HOTKEY\tphklock.dll 0x30200000 0x5a000 5.06.0002.3649 C:\Program Files\ThinkVantage Fingerprint Software\crypto.dll 0x03530000 0xd000 2.00.0000.0000 C:\Program Files\Lenovo\AwayTask\AwayNotify.dll 0x77000000 0xd4000 2001.12.4414.0700 C:\WINDOWS\system32\COMRes.dll 0x76f80000 0x7f000 2001.12.4414.0700 C:\WINDOWS\system32\CLBCATQ.DLL Le volume dans le lecteur C s'appelle Preload Le numéro de série du volume est 14CD-7516 Répertoire de C:\WINDOWS\system32 14/04/2008 04:33 6 144 csrss.exe 1 fichier(s) 6 144 octets 0 Rép(s) 28 259 106 816 octets libres Contenu de Downloaded Program Files Le volume dans le lecteur C s'appelle Preload Le numéro de série du volume est 14CD-7516 Répertoire de C:\WINDOWS\Downloaded Program Files 20/08/2008 01:20 <REP> . 20/08/2008 01:20 <REP> .. 26/03/2007 11:16 449 acpir.inf 12/12/2007 10:33 747 AdSignerADP.inf 08/06/2008 21:13 <REP> CONFLICT.1 26/01/2006 23:52 65 desktop.ini 11/04/2007 14:55 1 292 erma.inf 16/05/2007 09:22 399 gp.inf 16/03/2005 12:34 7 407 lang.ini 14/03/2005 14:38 126 live.ini 02/08/2007 15:47 569 MSNPUpld.inf 15/06/2007 09:02 632 392 OberonGameHost.dll 15/06/2007 09:01 332 OberonGameHost_dbg.inf 01/06/2006 02:57 1 331 oscan8.inf 14/03/2005 14:58 7 073 scanoptions.tsi 09/09/2005 18:45 1 516 wvc1dmo.inf 13 fichier(s) 653 698 octets Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.1 08/06/2008 21:13 <REP> . 08/06/2008 21:13 <REP> .. 20/06/2006 15:44 379 704 MsnPUpld.dll 19/06/2006 14:40 393 MsnPUpld.inf 20/06/2006 15:44 117 560 PURen-us.dll 09/01/2007 08:30 110 592 PURfr-fr.dll 4 fichier(s) 608 249 octets Total des fichiers listés : 17 fichier(s) 1 261 947 octets 5 Rép(s) 28 259 151 872 octets libres Recherche de rootkit! (Merci S!Ri) Recherche d'infections connues Export des clefs sensibles.. Liste des fichiers en exception sur le pare-feu XP SP2 "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook" "C:\\WINDOWS\\system32\\rundll32.exe"="C:\\WINDOWS\\system32\\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application" "C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager" "C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager" "C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application" "C:\\WINDOWS\\system32\\dpnsvr.exe"="C:\\WINDOWS\\system32\\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server" "C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox" "C:\\Program Files\\TmNationsForever\\TmForever.exe"="C:\\Program Files\\TmNationsForever\\TmForever.exe:*:Enabled:TmForever" "C:\\Program Files\\Winamp\\winamp.exe"="C:\\Program Files\\Winamp\\winamp.exe:*:Enabled:Winamp" "D:\\Livebox\\RGWRepair.exe"="D:\\Livebox\\RGWRepair.exe:*:Enabled:RGWRepair" "C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:LocalSubNet:Enabled:eMule" "C:\\Program Files\\eMule\\dserver.exe"="C:\\Program Files\\eMule\\dserver.exe:*:Enabled:dserver" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager" "C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager" "C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" Export de la clef SharedTaskScheduler [sharedTaskScheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant" REGEDIT4 [taskmgr.exe] exports des policies REGEDIT4 [system] "dontdisplaylastusername"=dword:00000000 "legalnoticecaption"="" "legalnoticetext"="" "shutdownwithoutlogon"=dword:00000001 "undockwithoutlogon"=dword:00000001 Export des clefs sensibles.. Rechercher adresses sensibles dans le fichier HOSTS... 127.0.0.1 www.activexupdate.com 127.0.0.1 activexupdate.com 127.0.0.1 www.avpcheckupdate.com 127.0.0.1 avpcheckupdate.com 127.0.0.1 client.exeupdate.com 127.0.0.1 www.eupdatepage.com 127.0.0.1 eupdatepage.com 127.0.0.1 www.exeupdate.com 127.0.0.1 exeupdate.com 127.0.0.1 www.hotwinupdates.com 127.0.0.1 hotwinupdates.com 127.0.0.1 www.lavasoftupdate.com 127.0.0.1 lavasoftupdate.com 127.0.0.1 www.malwarewipeupdate.com 127.0.0.1 malwarewipeupdate.com 127.0.0.1 www.msupdate.net 127.0.0.1 msupdate.net 127.0.0.1 www.msupdater.net 127.0.0.1 msupdater.net 127.0.0.1 www.necessaryupdates.com 127.0.0.1 necessaryupdates.com 127.0.0.1 newupdates.lzio.com 127.0.0.1 redirect.msupdate.net 127.0.0.1 search.keyword.exeupdate.com 127.0.0.1 www.securityupdatesite.com 127.0.0.1 securityupdatesite.com 127.0.0.1 settings.updatemysettings.com 127.0.0.1 www.spyaxeupdate.com 127.0.0.1 spyaxeupdate.com 127.0.0.1 www.spyfalconupdate.com 127.0.0.1 spyfalconupdate.com 127.0.0.1 www.systemupdates.net 127.0.0.1 systemupdates.net 127.0.0.1 trial.updates.winsoftware.com 127.0.0.1 update.680180.net 127.0.0.1 www.updatemysettings.com 127.0.0.1 updatemysettings.com 127.0.0.1 updates.spywarequake.com 127.0.0.1 www.urgentsystemupdate.biz 127.0.0.1 urgentsystemupdate.biz 127.0.0.1 www.urgentsystemupdate.com 127.0.0.1 urgentsystemupdate.com 127.0.0.1 windupdates.com 127.0.0.1 update.shareaza.com 127.0.0.1 www.antispywareupdates.net 127.0.0.1 antispywareupdates.net 127.0.0.1 www.flwupdate.com 127.0.0.1 flwupdate.com 127.0.0.1 www.mpegupdate.com 127.0.0.1 mpegupdate.com 127.0.0.1 www.movupdate.com 127.0.0.1 movupdate.com 127.0.0.1 www.pandaantivirus-2007.com 127.0.0.1 pandaantivirus-2007.com 127.0.0.1 www.pandadownload-now.com 127.0.0.1 pandadownload-now.com 127.0.0.1 www.panda-hq.com 127.0.0.1 panda-hq.com catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-09-05 09:52:03 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden services & system hive ... scanning hidden registry entries ... [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System] "OODEFRAG10.00.00.01WORKSTATION"="D89080994D4813D016F6F62A6A914549CEEE7CD62532A71A9594484CFB2BCF3EBE0525D4A52 0FB0CA4268BF2B7E7D6D82E831A1799341734ADB64FD4CABF62278B661EBB76120711C547CB2D5752 850D3A422450EDAAEAE3C417720C0337F3182898DD1CFC0C8A7ACEF9FD2683C88C4F56A353F1F835E 1846A2402223679EB7EF0A6E804A55FB3E20A7EFB6EA7A2FB8C59C178AEC256147523F2620AAAD304 48B8BCD8C917C081ECB5BCB4DAE42139378DDBF57B0976EA99E5BA0CF95CF5CCE9C12B5B04284AC73 C833C29058D647D46B354C412BD6023D51FD60A6DF7F4A7DA48FEBC9E127BECC74CFEBC9E127BECC7 4CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC793 3A2D97226D213B5559DB7CE019D40AA5C9DB7CE019D40AA5CEEE5D9EEA86E62995E2AAA2C44707446 9ADD2F13269F97558A435AAE8A3D9B7A0F2E315CFC29D5F63607CDD45282A0856F1EE9FB202672185 8447E89DBF20B61184671FCF0E520B24AA3575D7D00AD2AF4A23D558E7FC3AD18B48A12F4E7F23746 1FED78A65CBFF1CE82DB2CB3C5ACA479A720E246CB4AF3CF21F58634A0E4E776BA3C2D2715B64B1CB C33DB4601305BEE78C89B81004BBC292C765C5EF6F7D0ADB036ACDBED0DCB2D7EF6B9E734D0246876 33AADCE1904DF28B0DBB1796454690AC7ABB96974B74A307074A32382A4FA018A0EFD98EE4E19D0BF 7026901690FEBEDE954081B02B741AC06C221B6DA1D72E495005E759AA5BF08BC3F448A08662D46AC A4C9CE437D6ED5DB8D142E07C0607C58A1B4DA84BC9474A53779DCC5F9E8202B8ED6622522B87F33C A51F0D6658F8DF54F0856FC3C77D7BF6441F24BEED47394A50E5743F6CEBA7BC98027F52747DE40BA EA525F2E6C4BDAF1339FC6DA4C51DBB4B2833B3E03AAE6952E4B1418F44A49C5D38F0D1197FD0EC0C E06EA48CDDCB439EC902FB050876E64C9AA63BB2ABB690899A26BD5C4B03064F720EC377C4C9B6547 FAC8F9D01E4C27A8E89D8B1CB43DCD7C72E1E4E03B60A67239851B1F6C4D9DB116AF3BC3CE7F0003F E7D74A2CBA4969B3A5C957D87FE036BF3F35A219BCC7B7F8793880F8D4BC5F4344158BB28C415FD0C 4E37519331ABEFC3F750904DDE4CE74927E7B963360180A8308B070905B10CC8A90CB5F1E083F1F2D 8CBA0098F1386A8A1D66F6C8CF207CF8DD7C9BE9187142AE8C928C7B9A3C79CDF0FA8E9AB04DBC63C 450057DC8DD2EFA8F76DAD5AE5463B879ACBD1AD592D315AD1249EC588C81B36185FE97AF491A44E2 07FD09350395C861C655CF2A33FF71940AF6B353F176DD3A4A5FB7B8650DAD4F32FB5367F65BF6ADF 5FC900B78108747711A61279705D58B98F7A3D5007D6128BD2FBFD5D28EFBCED471095FD59CDC20BA CBCBB3BE55A92967B65DD130B2EE1" scanning hidden files ... scan completed successfully hidden services: 0 hidden files: 0 KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg) Process list by traversal of KiWaitListHead 4 - System 236 - svchost.exe 496 - ACWLIcon.exe 696 - tvt_reg_monitor 712 - TPHDEXLG.exe 960 - AwaySch.EXE 1192 - AcSvc.exe 1308 - pdservice.exe 1324 - oodtray.exe 1376 - logmon.exe 1396 - IPSSVC.EXE 1444 - acs.exe 1480 - avguard.exe 1604 - mdm.exe 1624 - csrss.exe 1648 - winlogon.exe 1692 - services.exe 1704 - lsass.exe 1840 - ibmpmsvc.exe 1884 - svchost.exe 1892 - oodag.exe 1956 - svchost.exe 1996 - svchost.exe 2084 - fdm.exe 2380 - sqlservr.exe 2464 - alg.exe 3060 - avgnt.exe 3104 - ctfmon.exe 3112 - taskmgr.exe 3120 - BTSTAC~1.EXE 3176 - notepad.exe 3212 - MemOptimizer.ex 3220 - fum.exe 3240 - fumoei.exe 3272 - CamTray.exe 3300 - wcescomm.exe 3396 - winamp.exe 3416 - cssauth.exe 3468 - PicasaMediaDete 3500 - rapimgr.exe 3520 - explorer.exe 3732 - BTTray.exe 3844 - DLG.exe 3860 - SynTPEnh.exe 3892 - TpShocks.exe 3908 - TPOSDSVC.exe 4056 - SMax4.exe 4412 - cmd.exe 4684 - iexplore.exe 4688 - firefox.exe Total number of processes = 50 NOTE: Under WinXP, this will not show all processes. KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg) Driver/Module list by traversal of PsLoadedModuleList 804D7000 - \WINDOWS\system32\ntkrnlpa.exe 806E4000 - \WINDOWS\system32\hal.dll F7ABD000 - \WINDOWS\system32\KDCOM.DLL F79CD000 - \WINDOWS\system32\BOOTVID.dll F748D000 - ACPI.sys F7ABF000 - \WINDOWS\system32\DRIVERS\WMILIB.SYS F747C000 - pci.sys F75BD000 - isapnp.sys F79D1000 - compbatt.sys F79D5000 - \WINDOWS\system32\DRIVERS\BATTC.SYS F7B85000 - pciide.sys F783D000 - \WINDOWS\system32\DRIVERS\PCIIDEX.SYS F745E000 - pcmcia.sys F75CD000 - MountMgr.sys F743F000 - ftdisk.sys F7AC1000 - dmload.sys F7419000 - dmio.sys F7845000 - PartMgr.sys F79D9000 - ACPIEC.sys F7B86000 - \WINDOWS\system32\DRIVERS\OPRGHDLR.SYS F75DD000 - VolSnap.sys F7401000 - atapi.sys F7339000 - iaStor.sys F75ED000 - disk.sys F75FD000 - \WINDOWS\system32\DRIVERS\CLASSPNP.SYS F7319000 - fltmgr.sys F7307000 - sr.sys F760D000 - PxHelp20.sys F72F0000 - KSecDD.sys F7263000 - Ntfs.sys F7236000 - NDIS.sys F7218000 - Apsx86.sys F784D000 - ApsHM86.sys F761D000 - ohci1394.sys F762D000 - \WINDOWS\system32\DRIVERS\1394BUS.SYS F71FE000 - Mup.sys F765D000 - \SystemRoot\system32\DRIVERS\nic1394.sys F6BC3000 - \SystemRoot\system32\DRIVERS\intelppm.sys F5878000 - \SystemRoot\system32\DRIVERS\igxpmp32.sys F5864000 - \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS F583C000 - \SystemRoot\system32\DRIVERS\HDAudBus.sys F5811000 - \SystemRoot\system32\DRIVERS\b57xp32.sys F578A000 - \SystemRoot\system32\DRIVERS\ar5211.sys F7935000 - \SystemRoot\system32\DRIVERS\usbuhci.sys F5766000 - \SystemRoot\system32\DRIVERS\USBPORT.SYS F793D000 - \SystemRoot\system32\DRIVERS\usbehci.sys F573E000 - \SystemRoot\system32\drivers\tifm21.sys F572A000 - \SystemRoot\system32\DRIVERS\sdbus.sys F6BB3000 - \SystemRoot\system32\DRIVERS\i8042prt.sys F7945000 - \SystemRoot\system32\DRIVERS\kbdclass.sys F56F2000 - \SystemRoot\system32\DRIVERS\SynTP.sys F7B17000 - \SystemRoot\system32\DRIVERS\USBD.SYS F794D000 - \SystemRoot\system32\DRIVERS\mouclass.sys F7955000 - \SystemRoot\system32\DRIVERS\nscirda.sys F7AB1000 - \SystemRoot\system32\DRIVERS\irenum.sys F795D000 - \SystemRoot\system32\DRIVERS\atmeltpm.sys F7AB9000 - \SystemRoot\system32\DRIVERS\CmBatt.sys F71DA000 - \SystemRoot\system32\DRIVERS\ibmpmdrv.sys F6BA3000 - \SystemRoot\system32\DRIVERS\imapi.sys F7965000 - \SystemRoot\system32\drivers\iviaspi.sys F6B93000 - \SystemRoot\system32\DRIVERS\cdrom.sys F6B83000 - \SystemRoot\system32\DRIVERS\redbook.sys F56CF000 - \SystemRoot\system32\DRIVERS\ks.sys F55FE000 - \SystemRoot\system32\DRIVERS\btkrnl.sys F796D000 - \SystemRoot\system32\DRIVERS\tvtpktfilter.sys F7CD7000 - \SystemRoot\system32\DRIVERS\audstub.sys F7975000 - \SystemRoot\system32\DRIVERS\rasirda.sys F797D000 - \SystemRoot\system32\DRIVERS\TDI.SYS F6B73000 - \SystemRoot\system32\DRIVERS\rasl2tp.sys F71C6000 - \SystemRoot\system32\DRIVERS\ndistapi.sys F55E7000 - \SystemRoot\system32\DRIVERS\ndiswan.sys F6B63000 - \SystemRoot\system32\DRIVERS\raspppoe.sys F773D000 - \SystemRoot\system32\DRIVERS\raspptp.sys F55D6000 - \SystemRoot\system32\DRIVERS\psched.sys F774D000 - \SystemRoot\system32\DRIVERS\msgpc.sys F7985000 - \SystemRoot\system32\DRIVERS\ptilink.sys F798D000 - \SystemRoot\system32\DRIVERS\raspti.sys F55A6000 - \SystemRoot\system32\DRIVERS\rdpdr.sys F775D000 - \SystemRoot\system32\DRIVERS\termdd.sys F7995000 - \SystemRoot\system32\DRIVERS\psadd.sys F7B19000 - \SystemRoot\system32\DRIVERS\swenum.sys F5548000 - \SystemRoot\system32\DRIVERS\update.sys F7171000 - \SystemRoot\system32\DRIVERS\mssmbios.sys F778D000 - \SystemRoot\system32\DRIVERS\wsimd.sys F799D000 - \SystemRoot\system32\DRIVERS\btport.sys F5E8E000 - \SystemRoot\System32\Drivers\NDProxy.SYS AA5DB000 - \SystemRoot\system32\drivers\ADIHdAud.sys AA5B7000 - \SystemRoot\system32\drivers\portcls.sys F77BD000 - \SystemRoot\system32\drivers\drmk.sys AA5A0000 - \SystemRoot\system32\drivers\AEAudio.sys AA56C000 - \SystemRoot\system32\DRIVERS\HSFHWAZL.sys AA47A000 - \SystemRoot\system32\DRIVERS\HSF_DPV.sys AA3C7000 - \SystemRoot\system32\DRIVERS\HSF_CNXT.sys F788D000 - \SystemRoot\System32\Drivers\Modem.SYS A98E4000 - \SystemRoot\system32\DRIVERS\usbhub.sys F551C000 - \SystemRoot\System32\Drivers\i2omgmt.SYS F7B51000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS F7C89000 - \SystemRoot\System32\Drivers\Null.SYS F7B53000 - \SystemRoot\System32\Drivers\Beep.SYS A83B5000 - \SystemRoot\system32\DRIVERS\HIDPARSE.SYS A83AD000 - \SystemRoot\System32\drivers\vga.sys F7B55000 - \SystemRoot\System32\Drivers\mnmdd.SYS F7B59000 - \SystemRoot\System32\DRIVERS\RDPCDD.sys A83A5000 - \SystemRoot\System32\Drivers\Msfs.SYS A839D000 - \SystemRoot\System32\Drivers\Npfs.SYS F5514000 - \SystemRoot\system32\DRIVERS\rasacd.sys A5A93000 - \SystemRoot\system32\DRIVERS\ipsec.sys A5A3A000 - \SystemRoot\system32\DRIVERS\tcpip.sys A5A12000 - \SystemRoot\system32\DRIVERS\netbt.sys A59EC000 - \SystemRoot\system32\DRIVERS\ipnat.sys A59CA000 - \SystemRoot\System32\drivers\afd.sys A845E000 - \SystemRoot\system32\DRIVERS\netbios.sys A8395000 - \SystemRoot\System32\drivers\TSMAPIP.SYS A838D000 - \SystemRoot\System32\drivers\Tppwrif.sys A8385000 - \SystemRoot\system32\DRIVERS\TPHKDRV.sys A837D000 - \SystemRoot\System32\drivers\TDSMAPI.SYS A77B5000 - \SystemRoot\system32\DRIVERS\ssmdrv.sys A77AD000 - \SystemRoot\System32\drivers\Smapint.sys A588F000 - \SystemRoot\system32\DRIVERS\rdbss.sys A581F000 - \SystemRoot\system32\DRIVERS\mrxsmb.sys F7B5B000 - \??\C:\WINDOWS\system32\Drivers\IBMBLDID.sys A843E000 - \SystemRoot\System32\Drivers\Fips.SYS A7C10000 - \SystemRoot\system32\DRIVERS\wanarp.sys A7C00000 - \SystemRoot\system32\DRIVERS\arp1394.sys A55A4000 - \SystemRoot\system32\DRIVERS\avipbb.sys A9B58000 - \SystemRoot\system32\DRIVERS\hidusb.sys A7BD0000 - \SystemRoot\system32\DRIVERS\HIDCLASS.SYS F7B5F000 - \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys A9B54000 - \SystemRoot\System32\drivers\ANC.SYS A599A000 - \SystemRoot\System32\Drivers\tcusb.sys A51A2000 - \SystemRoot\system32\DRIVERS\USBSTOR.SYS A7B23000 - \SystemRoot\system32\DRIVERS\mouhid.sys 9BAD9000 - \SystemRoot\System32\Drivers\Fastfat.SYS 9BA11000 - \SystemRoot\System32\Drivers\dump_iaStor.sys BF800000 - \SystemRoot\System32\win32k.sys 9D4A6000 - \SystemRoot\System32\drivers\Dxapi.sys 9C388000 - \SystemRoot\System32\watchdog.sys BF000000 - \SystemRoot\System32\drivers\dxg.sys F7C45000 - \SystemRoot\System32\drivers\dxgthk.sys BF024000 - \SystemRoot\System32\igxpgd32.dll BF012000 - \SystemRoot\System32\igxprd32.dll BF04F000 - \SystemRoot\System32\igxpdv32.DLL BF1E7000 - \SystemRoot\System32\igxpdx32.DLL 9C077000 - \??\C:\Program Files\Fichiers communs\ThinkVantage Fingerprint Software\Drivers\smihlp.sys 9B9FB000 - \SystemRoot\system32\DRIVERS\irda.sys 9B9E5000 - \SystemRoot\system32\DRIVERS\nwlnkipx.sys F6BF3000 - \SystemRoot\system32\DRIVERS\nwlnknb.sys 9F922000 - \SystemRoot\system32\DRIVERS\ndisuio.sys 9B995000 - \SystemRoot\system32\DRIVERS\nwrdr.sys 9B968000 - \SystemRoot\system32\DRIVERS\mrxdav.sys A22EB000 - \SystemRoot\system32\DRIVERS\PROCDD.SYS F7AC9000 - \??\C:\WINDOWS\SYSTEM32\EGATHDRV.SYS 9F155000 - \SystemRoot\system32\DRIVERS\mdmxsdk.sys 9B84E000 - \SystemRoot\system32\DRIVERS\srv.sys 9D979000 - \SystemRoot\system32\DRIVERS\nwlnkspx.sys 9B812000 - \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys F7AEB000 - \??\C:\WINDOWS\System32\drivers\pmemnt.sys A4063000 - \??\C:\Program Files\Lenovo\SafeGuard PrivateDisk\PrivateDiskM.sys F7C59000 - \??\C:\Program Files\SMI2\smi2.sys A2ED1000 - \SystemRoot\System32\Drivers\Cdfs.SYS 9B7BA000 - \??\C:\WINDOWS\system32\drivers\tvtfilter.sys 9B1E5000 - \SystemRoot\system32\drivers\wdmaud.sys A2F41000 - \SystemRoot\system32\drivers\sysaudio.sys 9A3F2000 - \SystemRoot\System32\Drivers\btwusb.sys 9A374000 - \SystemRoot\system32\DRIVERS\btwdndis.sys 9A2F4000 - \SystemRoot\system32\drivers\btaudio.sys 9A032000 - \SystemRoot\system32\drivers\kmixer.sys F7C25000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys Total number of drivers = 168 Liste des programmes installes 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office system Access - Aide Activation Assistant for the 2007 Microsoft Office suites Activation Assistant for the 2007 Microsoft Office suites Adobe AIR Adobe Flash Player 9 ActiveX Adobe Flash Player ActiveX Adobe Flash Player Plugin Apple Software Update Archiveur WinRAR Assistant de connexion Windows Live Assistant UltraNav ThinkPad Audacity 1.3.5 (Unicode) Avira AntiVir Personal - Free Antivirus CCleaner (remove only) Client Security Solution Configuration du ThinkPad Correctif pour Windows Internet Explorer 7 (KB947864) Correctif pour Windows XP (KB952287) Creative WebCam Center Creative WebCam NX Ultra Driver (1.01.03.0112) eMule ffdshow [rev 1977] [2008-05-28] Fichiers de prise en charge de l'installation de Microsoft SQL Server (Français) Fonctions d'accessibilité TrackPoint Free Download Manager 2.5 Free Easy Burner V 3.8 FTP Utility G-Force GDR 3068 for SQL Server Database Services 2005 ENU (KB948109) Gestionnaire d'alimentation ThinkPad Gestionnaire de contacts professionnels pour Outlook 2007 SP1 Gestionnaire de contacts professionnels pour Outlook 2007 SP1 Gestionnaire de présentation getPlus®_ocx GIMP 2.4.4 Help Center HijackThis 2.0.2 Incrustation InfraRecorder Integrated camera Intel® Graphics Media Accelerator Driver InterVideo Register Manager InterVideo WinDVD InterVideo WinDVD Creator 3 Java 6 Update 7 LADSPA_plugins-win-0.4.15 Lecteur Windows Media 10 Macromedia Flash Player 8 Maintenance Manager Malwarebytes' Anti-Malware Media Player Classic fr Message Center Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Hotfix (KB928366) Microsoft .NET Framework 2.0 Language Pack - FRA Microsoft .NET Framework 2.0 Service Pack 1 Microsoft ActiveSync Microsoft Internationalized Domain Names Mitigation APIs Microsoft National Language Support Downlevel APIs Microsoft Office 2003 Web Components Microsoft Office 2007 Primary Interop Assemblies Microsoft Office Access MUI (French) 2007 Microsoft Office Excel MUI (French) 2007 Microsoft Office InfoPath MUI (French) 2007 Microsoft Office Language Pack 2007 Service Pack 1 (SP1) Microsoft Office Language Pack 2007 Service Pack 1 (SP1) Microsoft Office Outlook MUI (French) 2007 Microsoft Office PowerPoint MUI (French) 2007 Microsoft Office Professional Hybrid 2007 Microsoft Office Professional Plus 2007 Microsoft Office Professional Plus 2007 Microsoft Office Proof (Arabic) 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (French) 2007 Microsoft Office Publisher MUI (French) 2007 Microsoft Office Shared MUI (French) 2007 Microsoft Office Small Business Connectivity Components Microsoft Office Word MUI (French) 2007 Microsoft Software Update for Web Folders (French) 12 Microsoft SQL Server 2005 Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) Microsoft SQL Server Native Client Microsoft SQL Server VSS Writer Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable Microsoft Works 6-9 Converter Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782) Mise à jour de sécurité pour Step by Step Interactive Training (KB923723) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838) Mise à jour de sécurité pour Windows XP (KB941569) Mise à jour de sécurité pour Windows XP (KB946648) Mise à jour de sécurité pour Windows XP (KB950760) Mise à jour de sécurité pour Windows XP (KB950762) Mise à jour de sécurité pour Windows XP (KB950974) Mise à jour de sécurité pour Windows XP (KB951066) Mise à jour de sécurité pour Windows XP (KB951376-v2) Mise à jour de sécurité pour Windows XP (KB951376) Mise à jour de sécurité pour Windows XP (KB951698) Mise à jour de sécurité pour Windows XP (KB951748) Mise à jour de sécurité pour Windows XP (KB952954) Mise à jour de sécurité pour Windows XP (KB953839) Mise à jour pour Windows XP (KB951072-v2) Mise à jour pour Windows XP (KB951978) Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA Montpellier Business Plan Classic Mozilla Firefox (3.0.1) MSXML 4.0 SP2 (KB936181) MSXML 6.0 Parser (KB933579) O&O Defrag Professional Edition OpenOffice.org Installer 1.0 Orange Plug-in messagerie vocale 888 PC-Doctor 5 pour Windows Picasa 2 QuickTime RecordNow Audio RecordNow Copy RecordNow Data Remove Multimedia Center Rescue and Recovery Rescue and Recovery Critical Patch for Windows Update (KB917422) Security Update for 2007 Microsoft Office System (KB951596) Security Update for 2007 Microsoft Office System (KB951596) Security Update for CAPICOM (KB931906) Security Update for CAPICOM (KB931906) Security Update for Microsoft Office Excel 2007 (KB951546) Security Update for Microsoft Office Excel 2007 (KB951546) Security Update for Microsoft Office PowerPoint 2007 (KB951338) Security Update for Microsoft Office PowerPoint 2007 (KB951338) Security Update for Microsoft Office Publisher 2007 (KB950114) Security Update for Microsoft Office Publisher 2007 (KB950114) Security Update for Microsoft Office Word 2007 (KB950113) Security Update for Microsoft Office Word 2007 (KB950113) Security Update for Visio 2007 (KB947590) Security Update for Visio 2007 (KB947590) ServerMaker 2001 SoundMAX Sumatra PDF reader Supplément à Productivity Center pour ThinkPad System Migration Assistant System Update Système de protection active ThinkVantage Texas Instruments PCIxx21/x515/xx12 drivers. ThinkPad Bluetooth with Enhanced Data Rate Software ThinkPad FullScreen Magnifier ThinkPad Modem ThinkPad PC Card Power Policy ThinkPad Power Management Driver ThinkPad UltraNav Driver ThinkPad Wireless LAN Adapters Software (11a/b, 11b/g, 11a/b/g) ThinkVantage Access Connections ThinkVantage Fingerprint Software 5.6 ThinkVantage Productivity Center ThinkVantage Technologies Welcome Message TIPCI Total Commander (Remove or Repair) TuneUp Utilities 2008 Update for Microsoft Office Outlook 2007 (KB952142) Update for Microsoft Office Outlook 2007 (KB952142) Update for Office 2007 (KB946691) Update for Office 2007 (KB946691) Update for Outlook 2007 Junk Email Filter (kb955433) Update for Outlook 2007 Junk Email Filter (kb955433) Utilitaire de personnalisation du clavier ThinkPad Utilitaire ThinkPad EasyEject Utilitaire ThinkPad UltraNav VideoLAN VLC media player 0.8.6f Wallpapers WebFldrs XP Winamp Windows Live installer Windows Live Messenger Windows Live Toolbar Windows Live Toolbar Windows Media Connect Windows Media Format Runtime Windows Media Player 10 Hotfix - KB894476 Windows Media Player Firefox Plugin Windows XP Service Pack 3 XP Themes Le volume dans le lecteur C s'appelle Preload Le numéro de série du volume est 14CD-7516 Répertoire de C:\Program Files 04/09/2008 10:38 <REP> . 04/09/2008 10:38 <REP> .. 27/04/2008 18:55 <REP> Activation Assistant for the 2007 Microsoft Office suites 06/08/2008 12:20 <REP> Adobe 10/02/2008 23:40 <REP> Alwil Software 10/02/2008 18:27 <REP> Analog Devices 22/08/2008 10:05 <REP> Apple Software Update 04/09/2008 10:33 <REP> Audacity 1.3 Beta (Unicode) 05/08/2008 11:40 <REP> Avira 07/03/2008 10:50 <REP> CapAlpha 19/05/2008 12:11 <REP> CCleaner 25/01/2006 19:50 <REP> ComPlus Applications 10/02/2008 18:27 <REP> CONEXANT 02/05/2008 14:32 <REP> Creative 27/04/2008 18:55 <REP> Dactylo 27/04/2008 18:55 <REP> Digital Line Detect 29/08/2008 00:44 <REP> eMule 02/08/2008 13:47 <REP> FairUse Wizard 2 31/05/2008 13:37 <REP> ffdshow 03/08/2008 08:47 <REP> Fichiers communs 28/08/2008 18:53 <REP> Foxit Software 31/08/2008 12:10 <REP> Free Download Manager 07/07/2008 07:50 <REP> Free Easy Burner 29/02/2008 06:35 <REP> GIMP-2.0 02/08/2008 23:51 <REP> Google 19/05/2008 15:57 <REP> InfraRecorder 12/02/2008 02:31 <REP> Intel 18/08/2008 12:03 <REP> Internet Explorer 28/05/2008 09:53 <REP> InterVideo 26/05/2008 13:28 <REP> Inventel 28/08/2008 18:55 <REP> Java 17/04/2008 14:24 <REP> K-Lite Codec Pack 22/02/2008 17:05 <REP> KONICA MINOLTA 22/08/2008 08:19 <REP> Lenovo 02/09/2008 09:54 <REP> Malwarebytes' Anti-Malware 27/04/2008 18:59 <REP> Media Player Classic 28/08/2008 08:11 <REP> Messenger 27/04/2008 18:59 <REP> Microsoft ActiveSync 11/02/2008 14:53 <REP> Microsoft CAPICOM 2.1.0.2 25/01/2006 19:57 <REP> microsoft frontpage 10/02/2008 19:02 <REP> Microsoft Office 10/02/2008 19:02 <REP> Microsoft Small Business 23/07/2008 20:03 <REP> Microsoft SQL Server 10/02/2008 18:55 <REP> Microsoft Visual Studio 10/02/2008 23:32 <REP> Microsoft Visual Studio 8 27/04/2008 18:54 <REP> Microsoft Works 10/02/2008 18:55 <REP> Microsoft.NET 28/08/2008 08:07 <REP> Movie Maker 05/09/2008 09:17 <REP> Mozilla Firefox 10/02/2008 23:35 <REP> MSBuild 25/01/2006 19:49 <REP> MSN 25/01/2006 19:49 <REP> MSN Gaming Zone 10/02/2008 18:23 <REP> MSXML 4.0 11/02/2008 14:53 <REP> MSXML 6.0 31/05/2008 15:28 <REP> Multimedia Center for Think Offerings 28/08/2008 08:03 <REP> NetMeeting 27/04/2008 18:59 <REP> NetWaiting 27/04/2008 18:59 <REP> Online Services 11/02/2008 00:19 <REP> OO Software 02/03/2008 10:56 <REP> orange 28/08/2008 08:03 <REP> Outlook Express 03/05/2008 09:47 <REP> PCDR5 02/08/2008 23:51 <REP> Picasa2 13/06/2008 09:53 <REP> QuickTime 27/04/2008 19:00 <REP> Services en ligne 27/04/2008 19:00 <REP> SMI2 25/05/2008 12:38 <REP> SoundSpectrum 28/08/2008 19:21 <REP> SumatraPDF 14/08/2008 13:52 <REP> Sun 10/02/2008 18:25 <REP> Synaptics 12/02/2008 02:43 <REP> ThinkPad 28/05/2008 09:54 <REP> ThinkVantage 27/04/2008 19:00 <REP> ThinkVantage Fingerprint Software 27/04/2008 19:26 <REP> TmNationsForever 06/08/2008 09:41 <REP> Trend Micro 22/08/2008 08:37 <REP> TuneUp Utilities 2008 27/04/2008 19:00 <REP> TVT SMBus 05/06/2008 11:09 <REP> VideoLAN 23/07/2008 13:16 <REP> Winamp 28/02/2008 19:55 <REP> Windows Desktop Search 11/02/2008 22:10 <REP> Windows Live 27/04/2008 19:00 <REP> Windows Live Toolbar 27/04/2008 19:00 <REP> Windows Media Connect 2 28/08/2008 08:03 <REP> Windows Media Player 28/08/2008 08:03 <REP> Windows NT 27/04/2008 19:00 <REP> WinRAR 25/01/2006 19:57 <REP> xerox 0 fichier(s) 0 octets 87 Rép(s) 28 258 312 192 octets libres Le volume dans le lecteur C s'appelle Preload Le numéro de série du volume est 14CD-7516 Répertoire de C:\Program Files\fichiers communs 03/08/2008 08:47 <REP> . 03/08/2008 08:47 <REP> .. 06/08/2008 12:20 <REP> Adobe 24/06/2008 10:51 <REP> Adobe AIR 03/08/2008 08:48 <REP> AVSMedia 27/04/2008 18:55 <REP> DESIGNER 26/05/2008 13:28 278 528 FDEUnInstaller.exe 31/05/2008 15:30 <REP> Installshield 12/02/2008 03:01 <REP> InterVideo 17/04/2008 13:31 <REP> Java 27/05/2008 15:53 <REP> Lenovo 03/08/2008 08:47 <REP> Microsoft Shared 25/01/2006 19:51 <REP> MSSoap 12/02/2008 00:36 <REP> NSV 04/07/2008 05:59 <REP> Oberon Media 25/01/2006 11:45 <REP> ODBC 25/01/2006 19:51 <REP> Services 27/04/2008 18:56 <REP> snp2std 27/04/2008 18:56 <REP> Sonic Shared 25/01/2006 11:44 <REP> SpeechEngines 13/02/2008 08:59 <REP> Symantec Shared 28/08/2008 08:03 <REP> System 12/02/2008 02:48 <REP> ThinkVantage Fingerprint Software 03/08/2008 11:44 <REP> Wise Installation Wizard 1 fichier(s) 278 528 octets 23 Rép(s) 28 258 320 384 octets libres Le volume dans le lecteur C s'appelle Preload Le numéro de série du volume est 14CD-7516 Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders 01/08/2008 18:30 <REP> . 01/08/2008 18:30 <REP> .. 27/04/2008 18:56 <REP> 1036 28/08/2007 23:55 973 168 MSONSEXT.DLL 26/10/2006 21:12 40 256 MSOSV.DLL 03/06/1999 22:09 122 937 MSOWS409.DLL 07/03/2001 17:00 127 033 MSOWS40c.DLL 4 fichier(s) 1 263 394 octets 3 Rép(s) 28 258 320 384 octets libres c:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe c:\Documents and Settings\All Users\Application Data\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe c:\Documents and Settings\Régis Granger\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe c:\Documents and Settings\Régis Granger\Application Data\Microsoft\Installer\{53480330-E1D1-41CA-B8F8-7F78644F7F50}\ARPPRODUCTICON.exe c:\Documents and Settings\Régis Granger\Application Data\Microsoft\Installer\{53480330-E1D1-41CA-B8F8-7F78644F7F50}\oodcnt_ds.53480420_ED54_41F1_B802_5A3B83DAF067.exe c:\Documents and Settings\Régis Granger\Application Data\Microsoft\Installer\{53480330-E1D1-41CA-B8F8-7F78644F7F50}\oodcnt_exe.53480420_ED54_41F1_B802_5A3B83DAF067.exe c:\Documents and Settings\Régis Granger\Application Data\Microsoft\Installer\{EDA1C1F7-F27E-4B20-B9BC-39964452DBB1}\ARPPRODUCTICON.exe c:\Documents and Settings\Régis Granger\Application Data\Microsoft\Installer\{EDA1C1F7-F27E-4B20-B9BC-39964452DBB1}\NewShortcut1_EDA1C1F7F27E4B20B9BC39964452DBB1.exe c:\Documents and Settings\Régis Granger\Application Data\Microsoft\Installer\{EDA1C1F7-F27E-4B20-B9BC-39964452DBB1}\NewShortcut2_EDA1C1F7F27E4B20B9BC39964452DBB1.exe c:\Documents and Settings\Régis Granger\Bureau\OTViewIt.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\catchme.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\diff.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\dumphive.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\FilesInfoCmd.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\find2.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\Fport.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\grep.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\gzip.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\KProcCheck.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\LFiles.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\LISTDLLS.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\md5sums.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\pslist.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\sigcheck.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\streams.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\swreg.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\tar.exe c:\Documents and Settings\Régis Granger\Bureau\HJT\HJTInstall.exe c:\Documents and Settings\Régis Granger\Bureau\MSNFix\incl\catchme.exe c:\Documents and Settings\Régis Granger\Bureau\MSNFix\incl\Hostsclean.exe c:\Documents and Settings\Régis Granger\Bureau\MSNFix\incl\MD5File.exe c:\Documents and Settings\Régis Granger\Bureau\MSNFix\incl\Process.exe c:\Documents and Settings\Régis Granger\Bureau\MSNFix\incl\setpath.exe c:\Documents and Settings\Régis Granger\Bureau\MSNFix\incl\swreg.exe c:\Documents and Settings\Régis Granger\Bureau\MSNFix\incl\zip.exe c:\Documents and Settings\Administrateur\Local Settings\Application Data\Seven Zip\Codecs\7zAes.dll c:\Documents and Settings\Administrateur\Local Settings\Application Data\Seven Zip\Codecs\Aes.dll c:\Documents and Settings\Administrateur\Local Settings\Application Data\Seven Zip\Codecs\Branch.dll c:\Documents and Settings\Administrateur\Local Settings\Application Data\Seven Zip\Codecs\Copy.dll c:\Documents and Settings\Administrateur\Local Settings\Application Data\Seven Zip\Codecs\LZMA.dll c:\Documents and Settings\Administrateur\Local Settings\Application Data\Seven Zip\Codecs\Swap.dll c:\Documents and Settings\Administrateur\Local Settings\Application Data\Seven Zip\Formats\7z.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aebb.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aecore.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aeemu.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aegen.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aehelp.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aeheur.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aeoffice.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aepack.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aerdl.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aescn.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aescript.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aevdf.dll c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\core.dll c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\file.dll c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\fmod.dll c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\gfx2d.dll c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\gfx2d_dd7.dll c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\imglib.dll c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\jpeg.dll c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\logger.dll c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\luxor_ar_web.dll c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\net.dll c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\snd3d.dll c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\snd3d_fmod.dll c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\ui2.dll c:\Documents and Settings\All Users\Application Data\PopCap\PopCapLoader\zone\zuma\Zuma.dll c:\Documents and Settings\All Users\Application Data\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\mia.dll c:\Documents and Settings\Default User\Local Settings\Application Data\Seven Zip\Codecs\7zAes.dll c:\Documents and Settings\Default User\Local Settings\Application Data\Seven Zip\Codecs\Aes.dll c:\Documents and Settings\Default User\Local Settings\Application Data\Seven Zip\Codecs\Branch.dll c:\Documents and Settings\Default User\Local Settings\Application Data\Seven Zip\Codecs\Copy.dll c:\Documents and Settings\Default User\Local Settings\Application Data\Seven Zip\Codecs\LZMA.dll c:\Documents and Settings\Default User\Local Settings\Application Data\Seven Zip\Codecs\Swap.dll c:\Documents and Settings\Default User\Local Settings\Application Data\Seven Zip\Formats\7z.dll c:\Documents and Settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll c:\Documents and Settings\Régis Granger\Application Data\Microsoft\IdentityCRL\PROD\ppcrlconfig.dll c:\Documents and Settings\Régis Granger\Application Data\Microsoft\IdentityCRL\Production\ppcrlconfig.dll c:\Documents and Settings\Régis Granger\Application Data\Mozilla\Firefox\Profiles\pq5irnan.default\extensions\OberonGameHost@OberonGames.com\platform\WINNT_x86-msvc\plugins\js32.dll c:\Documents and Settings\Régis Granger\Application Data\Mozilla\Firefox\Profiles\pq5irnan.default\extensions\OberonGameHost@OberonGames.com\platform\WINNT_x86-msvc\plugins\npOberonGameHost.dll c:\Documents and Settings\Régis Granger\Application Data\Mozilla\Firefox\Profiles\pq5irnan.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}\plugins\npietab.dll c:\Documents and Settings\Régis Granger\Local Settings\Application Data\Seven Zip\Codecs\7zAes.dll c:\Documents and Settings\Régis Granger\Local Settings\Application Data\Seven Zip\Codecs\Aes.dll c:\Documents and Settings\Régis Granger\Local Settings\Application Data\Seven Zip\Codecs\Branch.dll c:\Documents and Settings\Régis Granger\Local Settings\Application Data\Seven Zip\Codecs\Copy.dll c:\Documents and Settings\Régis Granger\Local Settings\Application Data\Seven Zip\Codecs\LZMA.dll c:\Documents and Settings\Régis Granger\Local Settings\Application Data\Seven Zip\Codecs\Swap.dll c:\Documents and Settings\Régis Granger\Local Settings\Application Data\Seven Zip\Formats\7z.dll ****** Fin du rapport DiagHelp C:\WINDOWS\prefetch\FIREFOX.EXE-28641590.pf -->05/09/2008 09:17:38 C:\WINDOWS\prefetch\TASKMGR.EXE-20256C55.pf -->05/09/2008 09:17:20 C:\WINDOWS\prefetch\BTSTAC~1.EXE-22A3B15B.pf -->05/09/2008 09:17:12 C:\WINDOWS\System32\drivers\mbamswissarmy.sys -->02/09/2008 00:16:46 C:\WINDOWS\System32\drivers\mbam.sys -->02/09/2008 00:16:40 C:\WINDOWS\System32\drivers\avipbb.sys -->22/08/2008 07:43:05 C:\WINDOWS\System32\drivers\SynTP.sys -->03/07/2008 15:53:20 C:\WINDOWS\System32\drivers\IBMBLDID.sys -->02/07/2008 00:22:06 C:\WINDOWS\System32\drivers\ANC.sys -->02/07/2008 00:22:04 C:\WINDOWS\System32\drivers\tcpip.sys -->20/06/2008 13:51:12 C:\WINDOWS\System32\PROCDB.INI -->05/09/2008 09:15:21 C:\WINDOWS\System32\TPHDLOG0.LOG -->05/09/2008 09:15:19 C:\WINDOWS\System32\IPSCtrl.INI -->05/09/2008 09:15:11 C:\WINDOWS\System32\oodbs.lor -->05/09/2008 09:14:57 C:\WINDOWS\System32\TPAPSLOG.LOG -->04/09/2008 14:25:02 C:\WINDOWS\System32\EGATHDRV.SYS -->03/09/2008 08:41:53 C:\WINDOWS\System32\mlfcache.dat -->02/09/2008 12:29:58 C:\WINDOWS\System32\PerfStringBackup.INI -->29/08/2008 10:41:04 C:\WINDOWS\System32\perfh00C.dat -->29/08/2008 10:41:04 C:\WINDOWS\System32\perfh009.dat -->29/08/2008 10:41:04 C:\WINDOWS\System32\perfc00C.dat -->29/08/2008 10:41:04 C:\WINDOWS\System32\perfc009.dat -->29/08/2008 10:41:04 C:\WINDOWS\System32\wpa.dbl -->28/08/2008 08:19:02 C:\WINDOWS\System32\spupdwxp.log -->28/08/2008 08:16:34 C:\WINDOWS\System32\FNTCACHE.DAT -->28/08/2008 08:15:38 C:\WINDOWS\System32\d3d9caps.dat -->22/08/2008 08:48:21 C:\WINDOWS\System32\TZLog.log -->18/08/2008 12:03:39 C:\WINDOWS\System32\TUKernel.exe -->09/08/2008 00:28:47 C:\WINDOWS\System32\CONFIG.NT -->05/08/2008 11:32:22 C:\WINDOWS\System32\MRT.exe -->05/08/2008 11:11:02 C:\WINDOWS\System32\TuneUpDefragService.exe -->23/07/2008 13:20:04 C:\WINDOWS\System32\cdm.dll -->18/07/2008 22:10:48 C:\WINDOWS\System32\wuauclt.exe -->18/07/2008 22:10:42 C:\WINDOWS\System32\wups2.dll -->18/07/2008 22:10:40 C:\WINDOWS\System32\wucltui.dll.mui -->18/07/2008 22:10:36 C:\WINDOWS\WindowsUpdate.log -->05/09/2008 09:18:32 C:\WINDOWS\setupapi.log -->05/09/2008 09:15:25 C:\WINDOWS\wiadebug.log -->05/09/2008 09:15:20 C:\WINDOWS\wiaservc.log -->05/09/2008 09:15:17 C:\WINDOWS\0.log -->05/09/2008 09:15:02 C:\WINDOWS\bootstat.dat -->05/09/2008 09:15:01 C:\WINDOWS\SchedLgU.Txt -->05/09/2008 09:13:48 C:\WINDOWS\msnfix.txt -->04/09/2008 11:26:46 C:\WINDOWS\npornap.INI -->31/08/2008 12:21:42 C:\WINDOWS\SynInst.log -->31/08/2008 12:12:25 C:\WINDOWS\setupact.log -->31/08/2008 12:12:11 C:\WINDOWS\iis6.log -->29/08/2008 07:45:02 C:\WINDOWS\tsoc.log -->29/08/2008 07:45:01 C:\WINDOWS\tabletoc.log -->29/08/2008 07:45:01 C:\WINDOWS\ocmsn.log -->29/08/2008 07:45:01 winlogon.exe svchost.exe ws2_32.dll user32.dll tcpip.sys ndis.sys null.sys ListDLLs v2.25 - DLL lister for Win9x/NT Copyright © 1997-2004 Mark Russinovich Sysinternals - www.sysinternals.com ------------------------------------------------------------------------------ explorer.exe pid: 3520 Command line: C:\WINDOWS\Explorer.EXE Base Size Version Path 0x77be0000 0x58000 7.00.2600.5512 C:\WINDOWS\system32\msvcrt.dll 0x779e0000 0x97000 5.131.2600.5512 C:\WINDOWS\system32\CRYPT32.dll 0x76610000 0x84000 5.131.2600.5512 C:\WINDOWS\system32\CRYPTUI.dll 0x44080000 0xd0000 7.00.6000.16705 C:\WINDOWS\system32\WININET.dll 0x00400000 0x9000 6.00.5441.0000 C:\WINDOWS\system32\Normaliz.dll 0x43e00000 0x45000 7.00.6000.16705 C:\WINDOWS\system32\iertutil.dll 0x76be0000 0x2e000 5.131.2600.5512 C:\WINDOWS\system32\WINTRUST.dll 0x58b50000 0x9a000 5.82.2900.5512 C:\WINDOWS\system32\comctl32.dll 0x76f80000 0x7f000 2001.12.4414.0700 C:\WINDOWS\system32\CLBCATQ.DLL 0x77000000 0xd4000 2001.12.4414.0700 C:\WINDOWS\system32\COMRes.dll 0x76ac0000 0x11000 3.05.2284.0001 C:\WINDOWS\system32\ATL.DLL 0x44360000 0x5cd000 7.00.6000.16705 C:\WINDOWS\system32\ieframe.dll 0x44160000 0x127000 7.00.6000.16705 C:\WINDOWS\system32\urlmon.dll 0x76010000 0x65000 6.02.3104.0000 C:\WINDOWS\system32\MSVCP60.dll 0x7d200000 0x2bc000 3.01.4001.5512 C:\WINDOWS\system32\msi.dll 0x442b0000 0x3c000 7.00.6000.16705 C:\WINDOWS\system32\webcheck.dll 0x10000000 0x4e000 1.00.0000.0000 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL 0x5f800000 0xf2000 6.02.8071.0000 C:\WINDOWS\system32\MFC42u.DLL 0x61d70000 0xe000 6.00.8665.0000 C:\WINDOWS\system32\MFC42LOC.DLL 0x00ce0000 0xc000 C:\PROGRA~1\ThinkPad\UTILIT~1\FR\PWRMGRRT.DLL 0x00e10000 0x19000 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRIF.DLL 0x00f40000 0x7000 1.60.0000.0006 C:\WINDOWS\system32\Sensor.dll 0x02ed0000 0x36000 6.14.0010.4926 C:\WINDOWS\system32\igfxdev.dll 0x03060000 0x96000 2.00.0000.0000 C:\Program Files\Lenovo\Client Security Solution\tvtpwm_windows_hook.dll 0x015e0000 0x13000 5.01.0000.4700 C:\WINDOWS\system32\btmmhook.dll 0x74730000 0x3d000 3.525.1132.0000 C:\WINDOWS\system32\ODBC32.dll 0x1f840000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll 0x6bd10000 0x10000 12.00.4518.1014 C:\Program Files\Microsoft Office\Office12\msohevi.dll 0x78130000 0x9b000 8.00.50727.1433 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\MSVCR80.dll 0x00970000 0x2c000 C:\Program Files\WinRAR\rarext.dll 0x00c00000 0x16000 600.00.0000.0002 C:\Program Files\Free Download Manager\FUM\fumshext.dll 0x00c20000 0x9000 2.00.0000.0004 C:\PROGRA~1\TUNEUP~1\SDShelEx-win32.dll 0x00c30000 0x12000 7.00.0000.0015 C:\Program Files\Avira\AntiVir PersonalEdition Classic\shlext.dll 0x7c250000 0x102000 7.10.3077.0000 C:\Program Files\Avira\AntiVir PersonalEdition Classic\MFC71U.DLL 0x02b70000 0x56000 7.10.3052.0004 C:\Program Files\Avira\AntiVir PersonalEdition Classic\MSVCR71.dll 0x5d360000 0xf000 7.10.6030.0000 C:\WINDOWS\system32\MFC71FRA.DLL 0x1c600000 0x7000 1.19.0000.0001 C:\Program Files\Lenovo\SafeGuard PrivateDisk\pdshell.dll 0x1c000000 0xe6000 1.19.0000.0002 C:\Program Files\Lenovo\SafeGuard PrivateDisk\PDLib.dll 0x7c3c0000 0x7c000 7.10.6030.0000 C:\WINDOWS\system32\MSVCP71.dll 0x038c0000 0x138000 1.19.0000.0001 C:\Program Files\Lenovo\SafeGuard PrivateDisk\PDLib040c.dll 0x01400000 0x3000 1.19.0000.0001 C:\Program Files\Lenovo\SafeGuard PrivateDisk\PDShell040c.dll 0x03a00000 0x87000 10.00.0002.3363 C:\PROGRA~1\OOSOFT~1\DEFRAG~1\oodsh.dll 0x03a90000 0x4b000 10.00.0012.1681 C:\PROGRA~1\OOSOFT~1\DEFRAG~1\OODSHRS.DLL 0x03bc0000 0x12000 1.01.0000.0000 C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll ListDLLs v2.25 - DLL lister for Win9x/NT Copyright © 1997-2004 Mark Russinovich Sysinternals - www.sysinternals.com ------------------------------------------------------------------------------ winlogon.exe pid: 1648 Command line: winlogon.exe Base Size Version Path 0x01000000 0x82000 \??\C:\WINDOWS\system32\winlogon.exe 0x77be0000 0x58000 7.00.2600.5512 C:\WINDOWS\system32\msvcrt.dll 0x779e0000 0x97000 5.131.2600.5512 C:\WINDOWS\system32\CRYPT32.dll 0x76be0000 0x2e000 5.131.2600.5512 C:\WINDOWS\system32\WINTRUST.dll 0x58b50000 0x9a000 5.82.2900.5512 C:\WINDOWS\system32\COMCTL32.dll 0x74730000 0x3d000 3.525.1132.0000 C:\WINDOWS\system32\ODBC32.dll 0x1f840000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll 0x10000000 0x8f000 1.02.0059.0000 C:\WINDOWS\system32\tvt_gina.dll 0x00cb0000 0x21a000 7.00.0051.0000 C:\Program Files\Lenovo\Client Security Solution\css_gina_plugin.dll 0x00ed0000 0xd9000 7.00.0051.0000 C:\Program Files\Lenovo\Client Security Solution\css_wait_bar.dll 0x00ab0000 0x40000 7.00.0051.0000 C:\Program Files\Lenovo\Client Security Solution\cssuserdatadispatcher.dll 0x01090000 0x1ce000 7.00.0051.0000 C:\Program Files\Lenovo\Client Security Solution\csswait.dll 0x01260000 0xa8000 1.10.0051.0000 C:\Program Files\Fichiers communs\Lenovo\tvt_banner.dll 0x01310000 0x107000 7.00.0051.0000 C:\Program Files\Lenovo\Client Security Solution\cssdlgpwentry.dll 0x01420000 0x10f000 7.00.0051.0000 C:\Program Files\Lenovo\Client Security Solution\dlganswerprompt.dll 0x01530000 0x55000 1.01.0003.0006 C:\Program Files\Lenovo\Client Security Solution\tvttsp.dll 0x01590000 0xa2000 1.01.0003.0006 C:\Program Files\Lenovo\Client Security Solution\tcsrpc.dll 0x016c0000 0x859000 1.10.0051.0000 C:\Program Files\Fichiers communs\Lenovo\tvt_res.dll 0x7c140000 0x106000 7.10.6030.0000 C:\WINDOWS\system32\MFC71.DLL 0x7c360000 0x56000 7.10.6030.0000 C:\WINDOWS\system32\MSVCR71.dll 0x5d360000 0xf000 7.10.6030.0000 C:\WINDOWS\system32\MFC71FRA.DLL 0x316b0000 0x3c000 5.06.0002.3649 C:\Program Files\ThinkVantage Fingerprint Software\pscssint.dll 0x4eb80000 0x1a6000 5.01.3102.5512 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5512_x-ww_dfb54e0c\gdiplus.dll 0x78130000 0x9b000 8.00.50727.1433 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\MSVCR80.dll 0x30000000 0x4b000 5.06.0002.3649 C:\Program Files\ThinkVantage Fingerprint Software\infra.dll 0x31bb0000 0x11000 5.06.0002.3649 C:\Program Files\ThinkVantage Fingerprint Software\VTI.DLL 0x02310000 0x8000 5.00.0000.0000 C:\Program Files\ThinkPad\ConnectUtilities\ACNotify.dll 0x02320000 0x2a000 5.00.0000.0000 C:\Program Files\ThinkPad\ConnectUtilities\AcSvcStub.dll 0x0a000000 0x30000 5.00.0000.0000 C:\Program Files\ThinkPad\ConnectUtilities\AcLocSettings.dll 0x7c3c0000 0x7c000 7.10.6030.0000 C:\WINDOWS\system32\MSVCP71.dll 0x02350000 0x18000 5.00.0000.0000 C:\Program Files\ThinkPad\ConnectUtilities\ACHelper.dll 0x02430000 0x1a000 5.06.0002.3649 C:\WINDOWS\system32\psqlpwd.dll 0x31320000 0x115000 5.06.0002.3649 C:\Program Files\ThinkVantage Fingerprint Software\homefus2.dll 0x74da0000 0x6d000 5.30.0023.1230 C:\WINDOWS\system32\RICHED20.DLL 0x30280000 0x30f000 5.06.0002.3649 C:\Program Files\ThinkVantage Fingerprint Software\homepass.dll 0x30680000 0x263000 5.06.0002.3649 C:\Program Files\ThinkVantage Fingerprint Software\bio.dll 0x31690000 0xb000 5.06.0002.3649 C:\Program Files\ThinkVantage Fingerprint Software\ps2css.dll 0x300a0000 0xc7000 5.06.0002.3649 C:\Program Files\ThinkVantage Fingerprint Software\remote.dll 0x03170000 0x7000 1.00.0003.0000 C:\Program Files\Lenovo\HOTKEY\tphklock.dll 0x30200000 0x5a000 5.06.0002.3649 C:\Program Files\ThinkVantage Fingerprint Software\crypto.dll 0x03530000 0xd000 2.00.0000.0000 C:\Program Files\Lenovo\AwayTask\AwayNotify.dll 0x77000000 0xd4000 2001.12.4414.0700 C:\WINDOWS\system32\COMRes.dll 0x76f80000 0x7f000 2001.12.4414.0700 C:\WINDOWS\system32\CLBCATQ.DLL Le volume dans le lecteur C s'appelle Preload Le numéro de série du volume est 14CD-7516 Répertoire de C:\WINDOWS\system32 14/04/2008 04:33 6 144 csrss.exe 1 fichier(s) 6 144 octets 0 Rép(s) 28 254 629 888 octets libres Contenu de Downloaded Program Files Le volume dans le lecteur C s'appelle Preload Le numéro de série du volume est 14CD-7516 Répertoire de C:\WINDOWS\Downloaded Program Files 20/08/2008 01:20 <REP> . 20/08/2008 01:20 <REP> .. 26/03/2007 11:16 449 acpir.inf 12/12/2007 10:33 747 AdSignerADP.inf 08/06/2008 21:13 <REP> CONFLICT.1 26/01/2006 23:52 65 desktop.ini 11/04/2007 14:55 1 292 erma.inf 16/05/2007 09:22 399 gp.inf 16/03/2005 12:34 7 407 lang.ini 14/03/2005 14:38 126 live.ini 02/08/2007 15:47 569 MSNPUpld.inf 15/06/2007 09:02 632 392 OberonGameHost.dll 15/06/2007 09:01 332 OberonGameHost_dbg.inf 01/06/2006 02:57 1 331 oscan8.inf 14/03/2005 14:58 7 073 scanoptions.tsi 09/09/2005 18:45 1 516 wvc1dmo.inf 13 fichier(s) 653 698 octets Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.1 08/06/2008 21:13 <REP> . 08/06/2008 21:13 <REP> .. 20/06/2006 15:44 379 704 MsnPUpld.dll 19/06/2006 14:40 393 MsnPUpld.inf 20/06/2006 15:44 117 560 PURen-us.dll 09/01/2007 08:30 110 592 PURfr-fr.dll 4 fichier(s) 608 249 octets Total des fichiers listés : 17 fichier(s) 1 261 947 octets 5 Rép(s) 28 254 609 408 octets libres Recherche de rootkit! (Merci S!Ri) Recherche d'infections connues Export des clefs sensibles.. Liste des fichiers en exception sur le pare-feu XP SP2 "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook" "C:\\WINDOWS\\system32\\rundll32.exe"="C:\\WINDOWS\\system32\\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application" "C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager" "C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager" "C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application" "C:\\WINDOWS\\system32\\dpnsvr.exe"="C:\\WINDOWS\\system32\\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server" "C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox" "C:\\Program Files\\TmNationsForever\\TmForever.exe"="C:\\Program Files\\TmNationsForever\\TmForever.exe:*:Enabled:TmForever" "C:\\Program Files\\Winamp\\winamp.exe"="C:\\Program Files\\Winamp\\winamp.exe:*:Enabled:Winamp" "D:\\Livebox\\RGWRepair.exe"="D:\\Livebox\\RGWRepair.exe:*:Enabled:RGWRepair" "C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:LocalSubNet:Enabled:eMule" "C:\\Program Files\\eMule\\dserver.exe"="C:\\Program Files\\eMule\\dserver.exe:*:Enabled:dserver" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager" "C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager" "C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" Export de la clef SharedTaskScheduler [sharedTaskScheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant" REGEDIT4 [taskmgr.exe] exports des policies REGEDIT4 [system] "dontdisplaylastusername"=dword:00000000 "legalnoticecaption"="" "legalnoticetext"="" "shutdownwithoutlogon"=dword:00000001 "undockwithoutlogon"=dword:00000001 Export des clefs sensibles.. Rechercher adresses sensibles dans le fichier HOSTS... 127.0.0.1 www.activexupdate.com 127.0.0.1 activexupdate.com 127.0.0.1 www.avpcheckupdate.com 127.0.0.1 avpcheckupdate.com 127.0.0.1 client.exeupdate.com 127.0.0.1 www.eupdatepage.com 127.0.0.1 eupdatepage.com 127.0.0.1 www.exeupdate.com 127.0.0.1 exeupdate.com 127.0.0.1 www.hotwinupdates.com 127.0.0.1 hotwinupdates.com 127.0.0.1 www.lavasoftupdate.com 127.0.0.1 lavasoftupdate.com 127.0.0.1 www.malwarewipeupdate.com 127.0.0.1 malwarewipeupdate.com 127.0.0.1 www.msupdate.net 127.0.0.1 msupdate.net 127.0.0.1 www.msupdater.net 127.0.0.1 msupdater.net 127.0.0.1 www.necessaryupdates.com 127.0.0.1 necessaryupdates.com 127.0.0.1 newupdates.lzio.com 127.0.0.1 redirect.msupdate.net 127.0.0.1 search.keyword.exeupdate.com 127.0.0.1 www.securityupdatesite.com 127.0.0.1 securityupdatesite.com 127.0.0.1 settings.updatemysettings.com 127.0.0.1 www.spyaxeupdate.com 127.0.0.1 spyaxeupdate.com 127.0.0.1 www.spyfalconupdate.com 127.0.0.1 spyfalconupdate.com 127.0.0.1 www.systemupdates.net 127.0.0.1 systemupdates.net 127.0.0.1 trial.updates.winsoftware.com 127.0.0.1 update.680180.net 127.0.0.1 www.updatemysettings.com 127.0.0.1 updatemysettings.com 127.0.0.1 updates.spywarequake.com 127.0.0.1 www.urgentsystemupdate.biz 127.0.0.1 urgentsystemupdate.biz 127.0.0.1 www.urgentsystemupdate.com 127.0.0.1 urgentsystemupdate.com 127.0.0.1 windupdates.com 127.0.0.1 update.shareaza.com 127.0.0.1 www.antispywareupdates.net 127.0.0.1 antispywareupdates.net 127.0.0.1 www.flwupdate.com 127.0.0.1 flwupdate.com 127.0.0.1 www.mpegupdate.com 127.0.0.1 mpegupdate.com 127.0.0.1 www.movupdate.com 127.0.0.1 movupdate.com 127.0.0.1 www.pandaantivirus-2007.com 127.0.0.1 pandaantivirus-2007.com 127.0.0.1 www.pandadownload-now.com 127.0.0.1 pandadownload-now.com 127.0.0.1 www.panda-hq.com 127.0.0.1 panda-hq.com catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-09-05 09:30:29 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden services & system hive ... scanning hidden registry entries ... [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System] "OODEFRAG10.00.00.01WORKSTATION"="D89080994D4813D016F6F62A6A914549CEEE7CD62532A71A9594484CFB2BCF3EBE0525D4A52 0FB0CA4268BF2B7E7D6D82E831A1799341734ADB64FD4CABF62278B661EBB76120711C547CB2D5752 850D3A422450EDAAEAE3C417720C0337F3182898DD1CFC0C8A7ACEF9FD2683C88C4F56A353F1F835E 1846A2402223679EB7EF0A6E804A55FB3E20A7EFB6EA7A2FB8C59C178AEC256147523F2620AAAD304 48B8BCD8C917C081ECB5BCB4DAE42139378DDBF57B0976EA99E5BA0CF95CF5CCE9C12B5B04284AC73 C833C29058D647D46B354C412BD6023D51FD60A6DF7F4A7DA48FEBC9E127BECC74CFEBC9E127BECC7 4CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC793 3A2D97226D213B5559DB7CE019D40AA5C9DB7CE019D40AA5CEEE5D9EEA86E62995E2AAA2C44707446 9ADD2F13269F97558A435AAE8A3D9B7A0F2E315CFC29D5F63607CDD45282A0856F1EE9FB202672185 8447E89DBF20B61184671FCF0E520B24AA3575D7D00AD2AF4A23D558E7FC3AD18B48A12F4E7F23746 1FED78A65CBFF1CE82DB2CB3C5ACA479A720E246CB4AF3CF21F58634A0E4E776BA3C2D2715B64B1CB C33DB4601305BEE78C89B81004BBC292C765C5EF6F7D0ADB036ACDBED0DCB2D7EF6B9E734D0246876 33AADCE1904DF28B0DBB1796454690AC7ABB96974B74A307074A32382A4FA018A0EFD98EE4E19D0BF 7026901690FEBEDE954081B02B741AC06C221B6DA1D72E495005E759AA5BF08BC3F448A08662D46AC A4C9CE437D6ED5DB8D142E07C0607C58A1B4DA84BC9474A53779DCC5F9E8202B8ED6622522B87F33C A51F0D6658F8DF54F0856FC3C77D7BF6441F24BEED47394A50E5743F6CEBA7BC98027F52747DE40BA EA525F2E6C4BDAF1339FC6DA4C51DBB4B2833B3E03AAE6952E4B1418F44A49C5D38F0D1197FD0EC0C E06EA48CDDCB439EC902FB050876E64C9AA63BB2ABB690899A26BD5C4B03064F720EC377C4C9B6547 FAC8F9D01E4C27A8E89D8B1CB43DCD7C72E1E4E03B60A67239851B1F6C4D9DB116AF3BC3CE7F0003F E7D74A2CBA4969B3A5C957D87FE036BF3F35A219BCC7B7F8793880F8D4BC5F4344158BB28C415FD0C 4E37519331ABEFC3F750904DDE4CE74927E7B963360180A8308B070905B10CC8A90CB5F1E083F1F2D 8CBA0098F1386A8A1D66F6C8CF207CF8DD7C9BE9187142AE8C928C7B9A3C79CDF0FA8E9AB04DBC63C 450057DC8DD2EFA8F76DAD5AE5463B879ACBD1AD592D315AD1249EC588C81B36185FE97AF491A44E2 07FD09350395C861C655CF2A33FF71940AF6B353F176DD3A4A5FB7B8650DAD4F32FB5367F65BF6ADF 5FC900B78108747711A61279705D58B98F7A3D5007D6128BD2FBFD5D28EFBCED471095FD59CDC20BA CBCBB3BE55A92967B65DD130B2EE1" scanning hidden files ... scan completed successfully hidden services: 0 hidden files: 0 KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg) Process list by traversal of KiWaitListHead 4 - System 236 - svchost.exe 356 - Amsg.exe 496 - ACWLIcon.exe 680 - svchost.exe 712 - TPHDEXLG.exe 840 - spoolsv.exe 960 - AwaySch.EXE 1192 - AcSvc.exe 1308 - pdservice.exe 1324 - oodtray.exe 1376 - logmon.exe 1396 - IPSSVC.EXE 1444 - acs.exe 1480 - avguard.exe 1604 - mdm.exe 1624 - csrss.exe 1648 - winlogon.exe 1692 - services.exe 1704 - lsass.exe 1840 - ibmpmsvc.exe 1884 - svchost.exe 1892 - oodag.exe 1956 - svchost.exe 1996 - svchost.exe 2084 - fdm.exe 2312 - wmiprvse.exe 2380 - sqlservr.exe 2464 - alg.exe 3060 - avgnt.exe 3104 - ctfmon.exe 3112 - taskmgr.exe 3120 - BTSTAC~1.EXE 3212 - MemOptimizer.ex 3220 - fum.exe 3240 - fumoei.exe 3272 - CamTray.exe 3300 - wcescomm.exe 3396 - winamp.exe 3416 - cssauth.exe 3500 - rapimgr.exe 3520 - explorer.exe 3732 - BTTray.exe 3816 - rundll32.exe 3844 - DLG.exe 3860 - SynTPEnh.exe 3892 - TpShocks.exe 3908 - TPOSDSVC.exe 4056 - SMax4.exe 4144 - cmd.exe 4688 - firefox.exe Total number of processes = 51 NOTE: Under WinXP, this will not show all processes. KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg) Driver/Module list by traversal of PsLoadedModuleList 804D7000 - \WINDOWS\system32\ntkrnlpa.exe 806E4000 - \WINDOWS\system32\hal.dll F7ABD000 - \WINDOWS\system32\KDCOM.DLL F79CD000 - \WINDOWS\system32\BOOTVID.dll F748D000 - ACPI.sys F7ABF000 - \WINDOWS\system32\DRIVERS\WMILIB.SYS F747C000 - pci.sys F75BD000 - isapnp.sys F79D1000 - compbatt.sys F79D5000 - \WINDOWS\system32\DRIVERS\BATTC.SYS F7B85000 - pciide.sys F783D000 - \WINDOWS\system32\DRIVERS\PCIIDEX.SYS F745E000 - pcmcia.sys F75CD000 - MountMgr.sys F743F000 - ftdisk.sys F7AC1000 - dmload.sys F7419000 - dmio.sys F7845000 - PartMgr.sys F79D9000 - ACPIEC.sys F7B86000 - \WINDOWS\system32\DRIVERS\OPRGHDLR.SYS F75DD000 - VolSnap.sys F7401000 - atapi.sys F7339000 - iaStor.sys F75ED000 - disk.sys F75FD000 - \WINDOWS\system32\DRIVERS\CLASSPNP.SYS F7319000 - fltmgr.sys F7307000 - sr.sys F760D000 - PxHelp20.sys F72F0000 - KSecDD.sys F7263000 - Ntfs.sys F7236000 - NDIS.sys F7218000 - Apsx86.sys F784D000 - ApsHM86.sys F761D000 - ohci1394.sys F762D000 - \WINDOWS\system32\DRIVERS\1394BUS.SYS F71FE000 - Mup.sys F765D000 - \SystemRoot\system32\DRIVERS\nic1394.sys F6BC3000 - \SystemRoot\system32\DRIVERS\intelppm.sys F5878000 - \SystemRoot\system32\DRIVERS\igxpmp32.sys F5864000 - \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS F583C000 - \SystemRoot\system32\DRIVERS\HDAudBus.sys F5811000 - \SystemRoot\system32\DRIVERS\b57xp32.sys F578A000 - \SystemRoot\system32\DRIVERS\ar5211.sys F7935000 - \SystemRoot\system32\DRIVERS\usbuhci.sys F5766000 - \SystemRoot\system32\DRIVERS\USBPORT.SYS F793D000 - \SystemRoot\system32\DRIVERS\usbehci.sys F573E000 - \SystemRoot\system32\drivers\tifm21.sys F572A000 - \SystemRoot\system32\DRIVERS\sdbus.sys F6BB3000 - \SystemRoot\system32\DRIVERS\i8042prt.sys F7945000 - \SystemRoot\system32\DRIVERS\kbdclass.sys F56F2000 - \SystemRoot\system32\DRIVERS\SynTP.sys F7B17000 - \SystemRoot\system32\DRIVERS\USBD.SYS F794D000 - \SystemRoot\system32\DRIVERS\mouclass.sys F7955000 - \SystemRoot\system32\DRIVERS\nscirda.sys F7AB1000 - \SystemRoot\system32\DRIVERS\irenum.sys F795D000 - \SystemRoot\system32\DRIVERS\atmeltpm.sys F7AB9000 - \SystemRoot\system32\DRIVERS\CmBatt.sys F71DA000 - \SystemRoot\system32\DRIVERS\ibmpmdrv.sys F6BA3000 - \SystemRoot\system32\DRIVERS\imapi.sys F7965000 - \SystemRoot\system32\drivers\iviaspi.sys F6B93000 - \SystemRoot\system32\DRIVERS\cdrom.sys F6B83000 - \SystemRoot\system32\DRIVERS\redbook.sys F56CF000 - \SystemRoot\system32\DRIVERS\ks.sys F55FE000 - \SystemRoot\system32\DRIVERS\btkrnl.sys F796D000 - \SystemRoot\system32\DRIVERS\tvtpktfilter.sys F7CD7000 - \SystemRoot\system32\DRIVERS\audstub.sys F7975000 - \SystemRoot\system32\DRIVERS\rasirda.sys F797D000 - \SystemRoot\system32\DRIVERS\TDI.SYS F6B73000 - \SystemRoot\system32\DRIVERS\rasl2tp.sys F71C6000 - \SystemRoot\system32\DRIVERS\ndistapi.sys F55E7000 - \SystemRoot\system32\DRIVERS\ndiswan.sys F6B63000 - \SystemRoot\system32\DRIVERS\raspppoe.sys F773D000 - \SystemRoot\system32\DRIVERS\raspptp.sys F55D6000 - \SystemRoot\system32\DRIVERS\psched.sys F774D000 - \SystemRoot\system32\DRIVERS\msgpc.sys F7985000 - \SystemRoot\system32\DRIVERS\ptilink.sys F798D000 - \SystemRoot\system32\DRIVERS\raspti.sys F55A6000 - \SystemRoot\system32\DRIVERS\rdpdr.sys F775D000 - \SystemRoot\system32\DRIVERS\termdd.sys F7995000 - \SystemRoot\system32\DRIVERS\psadd.sys F7B19000 - \SystemRoot\system32\DRIVERS\swenum.sys F5548000 - \SystemRoot\system32\DRIVERS\update.sys F7171000 - \SystemRoot\system32\DRIVERS\mssmbios.sys F778D000 - \SystemRoot\system32\DRIVERS\wsimd.sys F799D000 - \SystemRoot\system32\DRIVERS\btport.sys F5E8E000 - \SystemRoot\System32\Drivers\NDProxy.SYS AA5DB000 - \SystemRoot\system32\drivers\ADIHdAud.sys AA5B7000 - \SystemRoot\system32\drivers\portcls.sys F77BD000 - \SystemRoot\system32\drivers\drmk.sys AA5A0000 - \SystemRoot\system32\drivers\AEAudio.sys AA56C000 - \SystemRoot\system32\DRIVERS\HSFHWAZL.sys AA47A000 - \SystemRoot\system32\DRIVERS\HSF_DPV.sys AA3C7000 - \SystemRoot\system32\DRIVERS\HSF_CNXT.sys F788D000 - \SystemRoot\System32\Drivers\Modem.SYS A98E4000 - \SystemRoot\system32\DRIVERS\usbhub.sys F551C000 - \SystemRoot\System32\Drivers\i2omgmt.SYS F7B51000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS F7C89000 - \SystemRoot\System32\Drivers\Null.SYS F7B53000 - \SystemRoot\System32\Drivers\Beep.SYS A83B5000 - \SystemRoot\system32\DRIVERS\HIDPARSE.SYS A83AD000 - \SystemRoot\System32\drivers\vga.sys F7B55000 - \SystemRoot\System32\Drivers\mnmdd.SYS F7B59000 - \SystemRoot\System32\DRIVERS\RDPCDD.sys A83A5000 - \SystemRoot\System32\Drivers\Msfs.SYS A839D000 - \SystemRoot\System32\Drivers\Npfs.SYS F5514000 - \SystemRoot\system32\DRIVERS\rasacd.sys A5A93000 - \SystemRoot\system32\DRIVERS\ipsec.sys A5A3A000 - \SystemRoot\system32\DRIVERS\tcpip.sys A5A12000 - \SystemRoot\system32\DRIVERS\netbt.sys A59EC000 - \SystemRoot\system32\DRIVERS\ipnat.sys A59CA000 - \SystemRoot\System32\drivers\afd.sys A845E000 - \SystemRoot\system32\DRIVERS\netbios.sys A8395000 - \SystemRoot\System32\drivers\TSMAPIP.SYS A838D000 - \SystemRoot\System32\drivers\Tppwrif.sys A8385000 - \SystemRoot\system32\DRIVERS\TPHKDRV.sys A837D000 - \SystemRoot\System32\drivers\TDSMAPI.SYS A77B5000 - \SystemRoot\system32\DRIVERS\ssmdrv.sys A77AD000 - \SystemRoot\System32\drivers\Smapint.sys A588F000 - \SystemRoot\system32\DRIVERS\rdbss.sys A581F000 - \SystemRoot\system32\DRIVERS\mrxsmb.sys F7B5B000 - \??\C:\WINDOWS\system32\Drivers\IBMBLDID.sys A843E000 - \SystemRoot\System32\Drivers\Fips.SYS A7C10000 - \SystemRoot\system32\DRIVERS\wanarp.sys A7C00000 - \SystemRoot\system32\DRIVERS\arp1394.sys A55A4000 - \SystemRoot\system32\DRIVERS\avipbb.sys A9B58000 - \SystemRoot\system32\DRIVERS\hidusb.sys A7BD0000 - \SystemRoot\system32\DRIVERS\HIDCLASS.SYS F7B5F000 - \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys A9B54000 - \SystemRoot\System32\drivers\ANC.SYS A599A000 - \SystemRoot\System32\Drivers\tcusb.sys A51A2000 - \SystemRoot\system32\DRIVERS\USBSTOR.SYS A7B23000 - \SystemRoot\system32\DRIVERS\mouhid.sys 9BAD9000 - \SystemRoot\System32\Drivers\Fastfat.SYS 9BA11000 - \SystemRoot\System32\Drivers\dump_iaStor.sys BF800000 - \SystemRoot\System32\win32k.sys 9D4A6000 - \SystemRoot\System32\drivers\Dxapi.sys 9C388000 - \SystemRoot\System32\watchdog.sys BF000000 - \SystemRoot\System32\drivers\dxg.sys F7C45000 - \SystemRoot\System32\drivers\dxgthk.sys BF024000 - \SystemRoot\System32\igxpgd32.dll BF012000 - \SystemRoot\System32\igxprd32.dll BF04F000 - \SystemRoot\System32\igxpdv32.DLL BF1E7000 - \SystemRoot\System32\igxpdx32.DLL 9C077000 - \??\C:\Program Files\Fichiers communs\ThinkVantage Fingerprint Software\Drivers\smihlp.sys 9B9FB000 - \SystemRoot\system32\DRIVERS\irda.sys 9B9E5000 - \SystemRoot\system32\DRIVERS\nwlnkipx.sys F6BF3000 - \SystemRoot\system32\DRIVERS\nwlnknb.sys 9F922000 - \SystemRoot\system32\DRIVERS\ndisuio.sys 9B995000 - \SystemRoot\system32\DRIVERS\nwrdr.sys 9B968000 - \SystemRoot\system32\DRIVERS\mrxdav.sys A22EB000 - \SystemRoot\system32\DRIVERS\PROCDD.SYS F7AC9000 - \??\C:\WINDOWS\SYSTEM32\EGATHDRV.SYS 9F155000 - \SystemRoot\system32\DRIVERS\mdmxsdk.sys 9B84E000 - \SystemRoot\system32\DRIVERS\srv.sys 9D979000 - \SystemRoot\system32\DRIVERS\nwlnkspx.sys 9B812000 - \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys F7AEB000 - \??\C:\WINDOWS\System32\drivers\pmemnt.sys A4063000 - \??\C:\Program Files\Lenovo\SafeGuard PrivateDisk\PrivateDiskM.sys F7C59000 - \??\C:\Program Files\SMI2\smi2.sys A2ED1000 - \SystemRoot\System32\Drivers\Cdfs.SYS 9B7BA000 - \??\C:\WINDOWS\system32\drivers\tvtfilter.sys 9B1E5000 - \SystemRoot\system32\drivers\wdmaud.sys A2F41000 - \SystemRoot\system32\drivers\sysaudio.sys 9A3F2000 - \SystemRoot\System32\Drivers\btwusb.sys 9A374000 - \SystemRoot\system32\DRIVERS\btwdndis.sys 9A2F4000 - \SystemRoot\system32\drivers\btaudio.sys 9A032000 - \SystemRoot\system32\drivers\kmixer.sys F7C25000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys Total number of drivers = 168 Liste des programmes installes 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office system Access - Aide Activation Assistant for the 2007 Microsoft Office suites Activation Assistant for the 2007 Microsoft Office suites Adobe AIR Adobe Flash Player 9 ActiveX Adobe Flash Player ActiveX Adobe Flash Player Plugin Apple Software Update Archiveur WinRAR Assistant de connexion Windows Live Assistant UltraNav ThinkPad Audacity 1.3.5 (Unicode) Avira AntiVir Personal - Free Antivirus CCleaner (remove only) Client Security Solution Configuration du ThinkPad Correctif pour Windows Internet Explorer 7 (KB947864) Correctif pour Windows XP (KB952287) Creative WebCam Center Creative WebCam NX Ultra Driver (1.01.03.0112) eMule ffdshow [rev 1977] [2008-05-28] Fichiers de prise en charge de l'installation de Microsoft SQL Server (Français) Fonctions d'accessibilité TrackPoint Free Download Manager 2.5 Free Easy Burner V 3.8 FTP Utility G-Force GDR 3068 for SQL Server Database Services 2005 ENU (KB948109) Gestionnaire d'alimentation ThinkPad Gestionnaire de contacts professionnels pour Outlook 2007 SP1 Gestionnaire de contacts professionnels pour Outlook 2007 SP1 Gestionnaire de présentation getPlus®_ocx GIMP 2.4.4 Help Center HijackThis 2.0.2 Incrustation InfraRecorder Integrated camera Intel® Graphics Media Accelerator Driver InterVideo Register Manager InterVideo WinDVD InterVideo WinDVD Creator 3 Java 6 Update 7 LADSPA_plugins-win-0.4.15 Lecteur Windows Media 10 Macromedia Flash Player 8 Maintenance Manager Malwarebytes' Anti-Malware Media Player Classic fr Message Center Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Hotfix (KB928366) Microsoft .NET Framework 2.0 Language Pack - FRA Microsoft .NET Framework 2.0 Service Pack 1 Microsoft ActiveSync Microsoft Internationalized Domain Names Mitigation APIs Microsoft National Language Support Downlevel APIs Microsoft Office 2003 Web Components Microsoft Office 2007 Primary Interop Assemblies Microsoft Office Access MUI (French) 2007 Microsoft Office Excel MUI (French) 2007 Microsoft Office InfoPath MUI (French) 2007 Microsoft Office Language Pack 2007 Service Pack 1 (SP1) Microsoft Office Language Pack 2007 Service Pack 1 (SP1) Microsoft Office Outlook MUI (French) 2007 Microsoft Office PowerPoint MUI (French) 2007 Microsoft Office Professional Hybrid 2007 Microsoft Office Professional Plus 2007 Microsoft Office Professional Plus 2007 Microsoft Office Proof (Arabic) 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (French) 2007 Microsoft Office Publisher MUI (French) 2007 Microsoft Office Shared MUI (French) 2007 Microsoft Office Small Business Connectivity Components Microsoft Office Word MUI (French) 2007 Microsoft Software Update for Web Folders (French) 12 Microsoft SQL Server 2005 Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) Microsoft SQL Server Native Client Microsoft SQL Server VSS Writer Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable Microsoft Works 6-9 Converter Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782) Mise à jour de sécurité pour Step by Step Interactive Training (KB923723) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838) Mise à jour de sécurité pour Windows XP (KB941569) Mise à jour de sécurité pour Windows XP (KB946648) Mise à jour de sécurité pour Windows XP (KB950760) Mise à jour de sécurité pour Windows XP (KB950762) Mise à jour de sécurité pour Windows XP (KB950974) Mise à jour de sécurité pour Windows XP (KB951066) Mise à jour de sécurité pour Windows XP (KB951376-v2) Mise à jour de sécurité pour Windows XP (KB951376) Mise à jour de sécurité pour Windows XP (KB951698) Mise à jour de sécurité pour Windows XP (KB951748) Mise à jour de sécurité pour Windows XP (KB952954) Mise à jour de sécurité pour Windows XP (KB953839) Mise à jour pour Windows XP (KB951072-v2) Mise à jour pour Windows XP (KB951978) Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA Montpellier Business Plan Classic Mozilla Firefox (3.0.1) MSXML 4.0 SP2 (KB936181) MSXML 6.0 Parser (KB933579) O&O Defrag Professional Edition OpenOffice.org Installer 1.0 Orange Plug-in messagerie vocale 888 PC-Doctor 5 pour Windows Picasa 2 QuickTime RecordNow Audio RecordNow Copy RecordNow Data Remove Multimedia Center Rescue and Recovery Rescue and Recovery Critical Patch for Windows Update (KB917422) Security Update for 2007 Microsoft Office System (KB951596) Security Update for 2007 Microsoft Office System (KB951596) Security Update for CAPICOM (KB931906) Security Update for CAPICOM (KB931906) Security Update for Microsoft Office Excel 2007 (KB951546) Security Update for Microsoft Office Excel 2007 (KB951546) Security Update for Microsoft Office PowerPoint 2007 (KB951338) Security Update for Microsoft Office PowerPoint 2007 (KB951338) Security Update for Microsoft Office Publisher 2007 (KB950114) Security Update for Microsoft Office Publisher 2007 (KB950114) Security Update for Microsoft Office Word 2007 (KB950113) Security Update for Microsoft Office Word 2007 (KB950113) Security Update for Visio 2007 (KB947590) Security Update for Visio 2007 (KB947590) ServerMaker 2001 SoundMAX Sumatra PDF reader Supplément à Productivity Center pour ThinkPad System Migration Assistant System Update Système de protection active ThinkVantage Texas Instruments PCIxx21/x515/xx12 drivers. ThinkPad Bluetooth with Enhanced Data Rate Software ThinkPad FullScreen Magnifier ThinkPad Modem ThinkPad PC Card Power Policy ThinkPad Power Management Driver ThinkPad UltraNav Driver ThinkPad Wireless LAN Adapters Software (11a/b, 11b/g, 11a/b/g) ThinkVantage Access Connections ThinkVantage Fingerprint Software 5.6 ThinkVantage Productivity Center ThinkVantage Technologies Welcome Message TIPCI Total Commander (Remove or Repair) TuneUp Utilities 2008 Update for Microsoft Office Outlook 2007 (KB952142) Update for Microsoft Office Outlook 2007 (KB952142) Update for Office 2007 (KB946691) Update for Office 2007 (KB946691) Update for Outlook 2007 Junk Email Filter (kb955433) Update for Outlook 2007 Junk Email Filter (kb955433) Utilitaire de personnalisation du clavier ThinkPad Utilitaire ThinkPad EasyEject Utilitaire ThinkPad UltraNav VideoLAN VLC media player 0.8.6f Wallpapers WebFldrs XP Winamp Windows Live installer Windows Live Messenger Windows Live Toolbar Windows Live Toolbar Windows Media Connect Windows Media Format Runtime Windows Media Player 10 Hotfix - KB894476 Windows Media Player Firefox Plugin Windows XP Service Pack 3 XP Themes Le volume dans le lecteur C s'appelle Preload Le numéro de série du volume est 14CD-7516 Répertoire de C:\Program Files 04/09/2008 10:38 <REP> . 04/09/2008 10:38 <REP> .. 27/04/2008 18:55 <REP> Activation Assistant for the 2007 Microsoft Office suites 06/08/2008 12:20 <REP> Adobe 10/02/2008 23:40 <REP> Alwil Software 10/02/2008 18:27 <REP> Analog Devices 22/08/2008 10:05 <REP> Apple Software Update 04/09/2008 10:33 <REP> Audacity 1.3 Beta (Unicode) 05/08/2008 11:40 <REP> Avira 07/03/2008 10:50 <REP> CapAlpha 19/05/2008 12:11 <REP> CCleaner 25/01/2006 19:50 <REP> ComPlus Applications 10/02/2008 18:27 <REP> CONEXANT 02/05/2008 14:32 <REP> Creative 27/04/2008 18:55 <REP> Dactylo 27/04/2008 18:55 <REP> Digital Line Detect 29/08/2008 00:44 <REP> eMule 02/08/2008 13:47 <REP> FairUse Wizard 2 31/05/2008 13:37 <REP> ffdshow 03/08/2008 08:47 <REP> Fichiers communs 28/08/2008 18:53 <REP> Foxit Software 31/08/2008 12:10 <REP> Free Download Manager 07/07/2008 07:50 <REP> Free Easy Burner 29/02/2008 06:35 <REP> GIMP-2.0 02/08/2008 23:51 <REP> Google 19/05/2008 15:57 <REP> InfraRecorder 12/02/2008 02:31 <REP> Intel 18/08/2008 12:03 <REP> Internet Explorer 28/05/2008 09:53 <REP> InterVideo 26/05/2008 13:28 <REP> Inventel 28/08/2008 18:55 <REP> Java 17/04/2008 14:24 <REP> K-Lite Codec Pack 22/02/2008 17:05 <REP> KONICA MINOLTA 22/08/2008 08:19 <REP> Lenovo 02/09/2008 09:54 <REP> Malwarebytes' Anti-Malware 27/04/2008 18:59 <REP> Media Player Classic 28/08/2008 08:11 <REP> Messenger 27/04/2008 18:59 <REP> Microsoft ActiveSync 11/02/2008 14:53 <REP> Microsoft CAPICOM 2.1.0.2 25/01/2006 19:57 <REP> microsoft frontpage 10/02/2008 19:02 <REP> Microsoft Office 10/02/2008 19:02 <REP> Microsoft Small Business 23/07/2008 20:03 <REP> Microsoft SQL Server 10/02/2008 18:55 <REP> Microsoft Visual Studio 10/02/2008 23:32 <REP> Microsoft Visual Studio 8 27/04/2008 18:54 <REP> Microsoft Works 10/02/2008 18:55 <REP> Microsoft.NET 28/08/2008 08:07 <REP> Movie Maker 05/09/2008 09:17 <REP> Mozilla Firefox 10/02/2008 23:35 <REP> MSBuild 25/01/2006 19:49 <REP> MSN 25/01/2006 19:49 <REP> MSN Gaming Zone 10/02/2008 18:23 <REP> MSXML 4.0 11/02/2008 14:53 <REP> MSXML 6.0 31/05/2008 15:28 <REP> Multimedia Center for Think Offerings 28/08/2008 08:03 <REP> NetMeeting 27/04/2008 18:59 <REP> NetWaiting 27/04/2008 18:59 <REP> Online Services 11/02/2008 00:19 <REP> OO Software 02/03/2008 10:56 <REP> orange 28/08/2008 08:03 <REP> Outlook Express 03/05/2008 09:47 <REP> PCDR5 02/08/2008 23:51 <REP> Picasa2 13/06/2008 09:53 <REP> QuickTime 27/04/2008 19:00 <REP> Services en ligne 27/04/2008 19:00 <REP> SMI2 25/05/2008 12:38 <REP> SoundSpectrum 28/08/2008 19:21 <REP> SumatraPDF 14/08/2008 13:52 <REP> Sun 10/02/2008 18:25 <REP> Synaptics 12/02/2008 02:43 <REP> ThinkPad 28/05/2008 09:54 <REP> ThinkVantage 27/04/2008 19:00 <REP> ThinkVantage Fingerprint Software 27/04/2008 19:26 <REP> TmNationsForever 06/08/2008 09:41 <REP> Trend Micro 22/08/2008 08:37 <REP> TuneUp Utilities 2008 27/04/2008 19:00 <REP> TVT SMBus 05/06/2008 11:09 <REP> VideoLAN 23/07/2008 13:16 <REP> Winamp 28/02/2008 19:55 <REP> Windows Desktop Search 11/02/2008 22:10 <REP> Windows Live 27/04/2008 19:00 <REP> Windows Live Toolbar 27/04/2008 19:00 <REP> Windows Media Connect 2 28/08/2008 08:03 <REP> Windows Media Player 28/08/2008 08:03 <REP> Windows NT 27/04/2008 19:00 <REP> WinRAR 25/01/2006 19:57 <REP> xerox 0 fichier(s) 0 octets 87 Rép(s) 28 254 138 368 octets libres Le volume dans le lecteur C s'appelle Preload Le numéro de série du volume est 14CD-7516 Répertoire de C:\Program Files\fichiers communs 03/08/2008 08:47 <REP> . 03/08/2008 08:47 <REP> .. 06/08/2008 12:20 <REP> Adobe 24/06/2008 10:51 <REP> Adobe AIR 03/08/2008 08:48 <REP> AVSMedia 27/04/2008 18:55 <REP> DESIGNER 26/05/2008 13:28 278 528 FDEUnInstaller.exe 31/05/2008 15:30 <REP> Installshield 12/02/2008 03:01 <REP> InterVideo 17/04/2008 13:31 <REP> Java 27/05/2008 15:53 <REP> Lenovo 03/08/2008 08:47 <REP> Microsoft Shared 25/01/2006 19:51 <REP> MSSoap 12/02/2008 00:36 <REP> NSV 04/07/2008 05:59 <REP> Oberon Media 25/01/2006 11:45 <REP> ODBC 25/01/2006 19:51 <REP> Services 27/04/2008 18:56 <REP> snp2std 27/04/2008 18:56 <REP> Sonic Shared 25/01/2006 11:44 <REP> SpeechEngines 13/02/2008 08:59 <REP> Symantec Shared 28/08/2008 08:03 <REP> System 12/02/2008 02:48 <REP> ThinkVantage Fingerprint Software 03/08/2008 11:44 <REP> Wise Installation Wizard 1 fichier(s) 278 528 octets 23 Rép(s) 28 254 146 560 octets libres Le volume dans le lecteur C s'appelle Preload Le numéro de série du volume est 14CD-7516 Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders 01/08/2008 18:30 <REP> . 01/08/2008 18:30 <REP> .. 27/04/2008 18:56 <REP> 1036 28/08/2007 23:55 973 168 MSONSEXT.DLL 26/10/2006 21:12 40 256 MSOSV.DLL 03/06/1999 22:09 122 937 MSOWS409.DLL 07/03/2001 17:00 127 033 MSOWS40c.DLL 4 fichier(s) 1 263 394 octets 3 Rép(s) 28 254 146 560 octets libres c:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe c:\Documents and Settings\All Users\Application Data\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe c:\Documents and Settings\Régis Granger\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe c:\Documents and Settings\Régis Granger\Application Data\Microsoft\Installer\{53480330-E1D1-41CA-B8F8-7F78644F7F50}\ARPPRODUCTICON.exe c:\Documents and Settings\Régis Granger\Application Data\Microsoft\Installer\{53480330-E1D1-41CA-B8F8-7F78644F7F50}\oodcnt_ds.53480420_ED54_41F1_B802_5A3B83DAF067.exe c:\Documents and Settings\Régis Granger\Application Data\Microsoft\Installer\{53480330-E1D1-41CA-B8F8-7F78644F7F50}\oodcnt_exe.53480420_ED54_41F1_B802_5A3B83DAF067.exe c:\Documents and Settings\Régis Granger\Application Data\Microsoft\Installer\{EDA1C1F7-F27E-4B20-B9BC-39964452DBB1}\ARPPRODUCTICON.exe c:\Documents and Settings\Régis Granger\Application Data\Microsoft\Installer\{EDA1C1F7-F27E-4B20-B9BC-39964452DBB1}\NewShortcut1_EDA1C1F7F27E4B20B9BC39964452DBB1.exe c:\Documents and Settings\Régis Granger\Application Data\Microsoft\Installer\{EDA1C1F7-F27E-4B20-B9BC-39964452DBB1}\NewShortcut2_EDA1C1F7F27E4B20B9BC39964452DBB1.exe c:\Documents and Settings\Régis Granger\Bureau\OTViewIt.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\catchme.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\diff.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\dumphive.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\FilesInfoCmd.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\find2.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\Fport.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\grep.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\gzip.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\KProcCheck.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\LFiles.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\LISTDLLS.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\md5sums.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\pslist.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\sigcheck.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\streams.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\swreg.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\tar.exe c:\Documents and Settings\Régis Granger\Bureau\HJT\HJTInstall.exe c:\Documents and Settings\Régis Granger\Bureau\MSNFix\incl\catchme.exe c:\Documents and Settings\Régis Granger\Bureau\MSNFix\incl\Hostsclean.exe c:\Documents and Settings\Régis Granger\Bureau\MSNFix\incl\MD5File.exe c:\Documents and Settings\Régis Granger\Bureau\MSNFix\incl\Process.exe c:\Documents and Settings\Régis Granger\Bureau\MSNFix\incl\setpath.exe c:\Documents and Settings\Régis Granger\Bureau\MSNFix\incl\swreg.exe c:\Documents and Settings\Régis Granger\Bureau\MSNFix\incl\zip.exe c:\Documents and Settings\Administrateur\Local Settings\Application Data\Seven Zip\Codecs\7zAes.dll c:\Documents and Settings\Administrateur\Local Settings\Application Data\Seven Zip\Codecs\Aes.dll c:\Documents and Settings\Administrateur\Local Settings\Application Data\Seven Zip\Codecs\Branch.dll c:\Documents and Settings\Administrateur\Local Settings\Application Data\Seven Zip\Codecs\Copy.dll c:\Documents and Settings\Administrateur\Local Settings\Application Data\Seven Zip\Codecs\LZMA.dll c:\Documents and Settings\Administrateur\Local Settings\Application Data\Seven Zip\Codecs\Swap.dll c:\Documents and Settings\Administrateur\Local Settings\Application Data\Seven Zip\Formats\7z.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aebb.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aecore.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aeemu.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aegen.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aehelp.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aeheur.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aeoffice.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aepack.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aerdl.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aescn.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aescript.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aevdf.dll c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\core.dll c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\file.dll c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\fmod.dll c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\gfx2d.dll c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\gfx2d_dd7.dll c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\imglib.dll c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\jpeg.dll c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\logger.dll c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\luxor_ar_web.dll c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\net.dll c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\snd3d.dll c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\snd3d_fmod.dll c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\ui2.dll c:\Documents and Settings\All Users\Application Data\PopCap\PopCapLoader\zone\zuma\Zuma.dll c:\Documents and Settings\All Users\Application Data\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\mia.dll c:\Documents and Settings\Default User\Local Settings\Application Data\Seven Zip\Codecs\7zAes.dll c:\Documents and Settings\Default User\Local Settings\Application Data\Seven Zip\Codecs\Aes.dll c:\Documents and Settings\Default User\Local Settings\Application Data\Seven Zip\Codecs\Branch.dll c:\Documents and Settings\Default User\Local Settings\Application Data\Seven Zip\Codecs\Copy.dll c:\Documents and Settings\Default User\Local Settings\Application Data\Seven Zip\Codecs\LZMA.dll c:\Documents and Settings\Default User\Local Settings\Application Data\Seven Zip\Codecs\Swap.dll c:\Documents and Settings\Default User\Local Settings\Application Data\Seven Zip\Formats\7z.dll c:\Documents and Settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll c:\Documents and Settings\Régis Granger\Application Data\Microsoft\IdentityCRL\PROD\ppcrlconfig.dll c:\Documents and Settings\Régis Granger\Application Data\Microsoft\IdentityCRL\Production\ppcrlconfig.dll c:\Documents and Settings\Régis Granger\Application Data\Mozilla\Firefox\Profiles\pq5irnan.default\extensions\OberonGameHost@OberonGames.com\platform\WINNT_x86-msvc\plugins\js32.dll c:\Documents and Settings\Régis Granger\Application Data\Mozilla\Firefox\Profiles\pq5irnan.default\extensions\OberonGameHost@OberonGames.com\platform\WINNT_x86-msvc\plugins\npOberonGameHost.dll c:\Documents and Settings\Régis Granger\Application Data\Mozilla\Firefox\Profiles\pq5irnan.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}\plugins\npietab.dll c:\Documents and Settings\Régis Granger\Local Settings\Application Data\Seven Zip\Codecs\7zAes.dll c:\Documents and Settings\Régis Granger\Local Settings\Application Data\Seven Zip\Codecs\Aes.dll c:\Documents and Settings\Régis Granger\Local Settings\Application Data\Seven Zip\Codecs\Branch.dll c:\Documents and Settings\Régis Granger\Local Settings\Application Data\Seven Zip\Codecs\Copy.dll c:\Documents and Settings\Régis Granger\Local Settings\Application Data\Seven Zip\Codecs\LZMA.dll c:\Documents and Settings\Régis Granger\Local Settings\Application Data\Seven Zip\Codecs\Swap.dll c:\Documents and Settings\Régis Granger\Local Settings\Application Data\Seven Zip\Formats\7z.dll ****** Fin du rapport DiagHelp voilà.... @+, leredge.
  5. leredge
    En fait, la procédure utilisée n'a pas apporté beaucoup d'amélioration. Car en effet, après ces quelles heures utilisations de mon ordi. il y n'a pas eu un progrès significatif. @+, leredge.
  6. leredge
    Oui, l'ordi à encore des trucs qui utilisent le processeur sans savoir d'où cela provient. que faire ? @+, leredge
  7. leredge
    Salut chrifleur, j'ai effectué la procédure avec MSNfix et il a trouvé des erreurs. Le rapport (que je te joins ci-dessous) indique : " ces fichiers nécessitent un avis expérimenté avant toute intervention". C'est ce que j'ai fais en suivant l'indication : http://upload.changelog.fr MSNFix 1.742 C:\Documents and Settings\R‚gis Granger\Bureau\MSNFix Fix exécuté le 04/09/2008 - 11:21:47,92 By R‚gis Granger mode normal ************************ Recherche les fichiers présents ... C:\log.txt ************************ Recherche les dossiers présents Aucun dossier trouvé ************************ Suppression des fichiers .. OK ... C:\log.txt ************************ Nettoyage du registre ************************ Hostsclean Cleanhosts v 0.1.0.7 By Laurent -- Backup : C:\WINDOWS\system32\drivers\etc\hosts-20080904112258 -- original size 251.75 Kb / 9005 lines -- Start cleaning Hosts file .... /!\... antivirus.com ..... Found and removed /!\... avast.com ..... Found and removed /!\... ca.com ..... Found and removed /!\... mcafee.com ..... Found and removed /!\... spybot.info ..... Found and removed -- final size 250.39 Kb / 8963 lines -- entry Found : 5 / Entry check : 310 End .............................. 23.4 Secondes Les fichiers encore présents seront supprimés au prochain redémarrage ************************ Suppression des fichiers .. OK ... C:\log.txt ************************ Hostsclean Cleanhosts v 0.1.0.7 By Laurent -- Backup : C:\WINDOWS\system32\drivers\etc\hosts-20080904112558 -- original size 250.39 Kb / 8963 lines -- Start cleaning Hosts file .... -- final size 250.39 Kb / 8963 lines -- entry Found : 0 / Entry check : 310 End .............................. 27.11 Secondes ************************ Fichiers suspects /!\ ces fichiers nécessitent un avis expérimenté avant toute intervention [C:\WINDOWS\system32\IPSSVC.EXE] 00D8E9DAEBE72A5DF3986FD418A995EB ==> SVP merci d'envoyer le fichier C:\DOCUME~1\RGISGR~1\Bureau\Upload_Me.zip sur http://upload.changelog.fr Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 04092008_11262629.zip ************************ HKLM\...\Winlogon\Userinit Userinit = C:\WINDOWS\system32\userinit.exe, Important : http://msnfix.changelog.fr/index.php/2008/05/18/32-alerte ------------------------------------------------------------------------ Auteur : !aur3n7 Contact: http://changelog.fr ------------------------------------------------------------------------ --------------------------------------------- END --------------------------------------------- @+, leredge.
  8. leredge
    Salut chrifleur, Merci pour ta réponse. L'antivirus ne trouve pas mais il signale 2 dangers sans préciser lesquels. voici les deux rapports Otviewit : OTViewIt Extras logfile created on: 04/09/2008 09:53:30 - Run 3 OTViewIt by OldTimer - Version 1.0.1.8 Folder = C:\Documents and Settings\Régis Granger\Bureau Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 1014,36 Mb Total Physical Memory | 472,55 Mb Available Physical Memory | 46,59% Memory free 2,38 Gb Paging File | 1,87 Gb Available in Paging File | 78,57% Paging File free Paging file location(s): C:\pagefile.sys 1524 3048; %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 106,73 Gb Total Space | 26,44 Gb Free Space | 24,77% Space Free | Partition Type: NTFS D: Drive not present or media not loaded Drive E: | 18,63 Gb Total Space | 1,31 Gb Free Space | 7,03% Space Free | Partition Type: NTFS Drive F: | 55,88 Gb Total Space | 3,38 Gb Free Space | 6,05% Space Free | Partition Type: FAT32 G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 1 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 [04/14/2008 04:34 AM | 00,142,848 | ---- | M] (Microsoft Corporation) "C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager [11/13/2006 03:06 PM | 00,199,464 | ---- | M] (Microsoft Corporation) "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager [11/13/2006 03:07 PM | 01,289,000 | ---- | M] (Microsoft Corporation) "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application [11/13/2006 03:07 PM | 04,291,368 | ---- | M] (Microsoft Corporation) "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 [04/13/2008 08:53 PM | 00,558,080 | ---- | M] (Microsoft Corporation) "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger [10/18/2007 12:34 PM | 05,724,184 | ---- | M] (Microsoft Corporation) "C:\Program Files\Windows Live\Messenger\livecall.exe" = C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone) [10/02/2007 06:18 PM | 00,304,488 | ---- | M] (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 [04/14/2008 04:34 AM | 00,142,848 | ---- | M] (Microsoft Corporation) "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook [05/21/2008 04:37 AM | 12,844,576 | ---- | M] (Microsoft Corporation) "C:\WINDOWS\system32\rundll32.exe" = C:\WINDOWS\system32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application [04/14/2008 04:34 AM | 00,033,792 | ---- | M] (Microsoft Corporation) "C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager [11/13/2006 03:06 PM | 00,199,464 | ---- | M] (Microsoft Corporation) "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager [11/13/2006 03:07 PM | 01,289,000 | ---- | M] (Microsoft Corporation) "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application [11/13/2006 03:07 PM | 04,291,368 | ---- | M] (Microsoft Corporation) "C:\WINDOWS\system32\dpnsvr.exe" = C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server [04/14/2008 04:34 AM | 00,018,432 | ---- | M] (Microsoft Corporation) "C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox [07/03/2008 04:56 AM | 00,307,712 | ---- | M] (Mozilla Corporation) "C:\Program Files\TmNationsForever\TmForever.exe" = C:\Program Files\TmNationsForever\TmForever.exe:*:Enabled:TmForever [04/14/2008 01:03 AM | 11,976,704 | ---- | M] () "C:\Program Files\Winamp\winamp.exe" = C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp [07/09/2008 11:34 PM | 01,343,840 | ---- | M] (Nullsoft) "D:\Livebox\RGWRepair.exe" = D:\Livebox\RGWRepair.exe:*:Enabled:RGWRepair File not found "C:\Program Files\eMule\emule.exe" = C:\Program Files\eMule\emule.exe:LocalSubNet:Enabled:eMule [08/01/2008 07:41 PM | 05,480,448 | ---- | M] (http://www.emule-project.net) "C:\Program Files\eMule\dserver.exe" = C:\Program Files\eMule\dserver.exe:*:Enabled:dserver [11/30/2001 11:07 AM | 00,221,184 | ---- | M] () "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 [04/13/2008 08:53 PM | 00,558,080 | ---- | M] (Microsoft Corporation) "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger [10/18/2007 12:34 PM | 05,724,184 | ---- | M] (Microsoft Corporation) "C:\Program Files\Windows Live\Messenger\livecall.exe" = C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone) [10/02/2007 06:18 PM | 00,304,488 | ---- | M] (Microsoft Corporation) ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .bat [@ = batfile] - "%1" %* .cmd [@ = cmdfile] - "%1" %* .com [@ = comfile] - "%1" %* .exe [@ = exefile] - "%1" %* .html [@ = FirefoxHTML] - [07/03/2008 04:56 AM | 00,307,712 | ---- | M] (Mozilla Corporation) - C:\Program Files\Mozilla Firefox\firefox.exe .pif [@ = piffile] - "%1" %* .scr [@ = scrfile] - "%1" %* ========== Winsock2 Catalogs ========== ========== HKEY_LOCAL_MACHINE Protocol Defaults ========== ========== HKEY_CURRENT_USER Protocol Defaults ========== ========== HKEY_USERS Protocol Defaults ========== ========== HKEY_USERS Protocol Defaults ========== ========== HKEY_USERS Protocol Defaults ========== ========== HKEY_USERS Protocol Defaults ========== ========== HKEY_USERS Protocol Defaults ========== ========== Protocol Handlers ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] ipp: [HKLM - No CLSID value] msdaipp: [HKLM - No CLSID value] ========== Protocol Filters ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{075473F5-846A-448B-BCB3-104AA1760205}" = RecordNow Data "{08CA9554-B5FE-4313-938F-D4A417B81175}" = QuickTime "{0A8C97AD-DEED-4894-B446-3ABA95A77D0D}" = Windows Live Toolbar "{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}" = Security Update for CAPICOM (KB931906) "{1007F41F-7D69-468E-8017-3849A5A973C2}" = ThinkVantage Technologies Welcome Message "{1297C681-92D7-40EF-93BF-03F66EC5105C}" = Utilitaire ThinkPad EasyEject "{16E79B1D-D1C2-4CA6-8B23-F4D890E0DCB9}" = Orange Plug-in messagerie vocale 888 "{172423F9-522A-483A-AD65-03600CE4CA4F}" = Microsoft Works 6-9 Converter "{1787603C-E6E3-42D4-8034-55F358486F1D}" = MSXML 6.0 Parser (KB933579) "{17CBC505-D1AE-459D-B445-3D2000A85842}" = Utilitaire ThinkPad UltraNav "{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR "{2111B23F-7FDA-4A41-8309-E5A1663CA296}" = Utilitaire de personnalisation du clavier ThinkPad "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java 6 Update 7 "{3380F354-C5F7-4E71-8F51-EEE6C3F06C62}" = Fichiers de prise en charge de l'installation de Microsoft SQL Server (Français) "{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3A2AF807-9F9F-43C9-A24A-17B617238B74}" = OpenOffice.org Installer 1.0 "{46A84694-59EC-48F0-964C-7E76E9F8A2ED}" = Système de protection active ThinkVantage "{480DBB60-F0B6-45F2-B26F-1A2E11197791}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) "{48227AEB-DC8E-4A90-A274-0B4A39D699B1}" = Client Security Solution "{483CFBDB-5870-41ED-82DC-992D1A2CBA87}" = Adobe Flash Player 9 ActiveX "{48CF6549-B45D-4313-9927-EFCCC8A3493F}" = TIPCI "{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies "{53480330-E1D1-41CA-B8F8-7F78644F7F50}" = O&O Defrag Professional Edition "{5888428E-699C-4E71-BF71-94EE06B497DA}" = TuneUp Utilities 2008 "{65706020-7B6F-41F2-8047-FC69579E386A}" = Gestionnaire de présentation "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{69333A04-5134-40A5-A055-9166A7AA1EC8}" = "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{69ca8988-1c6c-4285-b8af-db780a6e42af}" = Gestionnaire de contacts professionnels pour Outlook 2007 SP1 "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6CE96A14-61E2-48CC-837E-22710A953ADE}" = XP Themes "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{75438C0E-9925-412E-AD85-D0E71C6CE2ED}" = Integrated camera "{75FF1600-6330-43FA-9022-E0835BF20778}" = Microsoft SQL Server VSS Writer "{7726CF62-7B45-4E6D-9266-615346816BCA}" = Rescue and Recovery "{7EB114D8-207F-45AE-BABD-1669715F2630}" = ThinkVantage Access Connections "{7FC3BBEC-5A91-41B0-9CB8-960EC4421411}" = InterVideo WinDVD Creator 3 "{82512BC9-BD5D-4C50-BE4D-B98E7DF78687}" = Assistant UltraNav ThinkPad "{83E5061B-A69A-46AD-A780-1DA6569FF283}" = Rescue and Recovery Critical Patch for Windows Update (KB917422) "{84814E6B-2581-46EC-926A-823BD1C670F6}" = ThinkPad Bluetooth with Enhanced Data Rate Software "{8675339C-128C-44DD-83BF-0A5D6ABD8297}" = System Update "{90120000-0010-040C-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (French) 12 "{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007 "{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1AFF2298-CC00-4A3B-866A-C62B8373794E}" = Security Update for 2007 Microsoft Office System (KB951596) "{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{4AD3A076-427C-491F-A5B7-7D1DE788A756}" = Update for Microsoft Office Outlook 2007 (KB952142) "{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{558B709B-821B-4FC5-90FC-9A8890641E77}" = Security Update for Microsoft Office PowerPoint 2007 (KB951338) "{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6BAD036C-261F-4BEF-96CF-C20678D07A41}" = Security Update for Visio 2007 (KB947590) "{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7399DD71-8E24-4E60-B6A8-6CED89C0AC26}" = Security Update for Microsoft Office Excel 2007 (KB951546) "{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{A420F522-7395-4872-9882-C591B4B92278}" = Update for Office 2007 (KB946691) "{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{AD72BABE-C733-4FCF-9674-4314466191B9}" = Security Update for Microsoft Office Word 2007 (KB950113) "{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{D9806966-6AA1-4B55-9528-6748E37CEE86}" = Update for Outlook 2007 Junk Email Filter (kb955433) "{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}" = Security Update for Microsoft Office Publisher 2007 (KB950114) "{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007 "{90120000-0015-040C-0000-0000000FF1CE}_PROHYBRIDR_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007 "{90120000-0016-040C-0000-0000000FF1CE}_PROHYBRIDR_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007 "{90120000-0018-040C-0000-0000000FF1CE}_PROHYBRIDR_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007 "{90120000-0019-040C-0000-0000000FF1CE}_PROHYBRIDR_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007 "{90120000-001A-040C-0000-0000000FF1CE}_PROHYBRIDR_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007 "{90120000-001B-040C-0000-0000000FF1CE}_PROHYBRIDR_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007 "{90120000-001F-0401-0000-0000000FF1CE}_PROHYBRIDR_{5A2F65A4-808F-4A1E-973E-92E17824982D}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{5A2F65A4-808F-4A1E-973E-92E17824982D}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007 "{90120000-001F-0413-0000-0000000FF1CE}_PROHYBRIDR_{B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007 "{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007 "{90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007 "{90120000-006E-040C-0000-0000000FF1CE}_PROHYBRIDR_{EC50B538-CBE1-42E6-B7FE-87AA540AADFB}" = Microsoft Office Language Pack 2007 Service Pack 1 (SP1) "{90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{EC50B538-CBE1-42E6-B7FE-87AA540AADFB}" = Microsoft Office Language Pack 2007 Service Pack 1 (SP1) "{90A4040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components "{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007 "{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{1AFF2298-CC00-4A3B-866A-C62B8373794E}" = Security Update for 2007 Microsoft Office System (KB951596) "{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{4AD3A076-427C-491F-A5B7-7D1DE788A756}" = Update for Microsoft Office Outlook 2007 (KB952142) "{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{558B709B-821B-4FC5-90FC-9A8890641E77}" = Security Update for Microsoft Office PowerPoint 2007 (KB951338) "{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6BAD036C-261F-4BEF-96CF-C20678D07A41}" = Security Update for Visio 2007 (KB947590) "{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{7399DD71-8E24-4E60-B6A8-6CED89C0AC26}" = Security Update for Microsoft Office Excel 2007 (KB951546) "{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{A420F522-7395-4872-9882-C591B4B92278}" = Update for Office 2007 (KB946691) "{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{AD72BABE-C733-4FCF-9674-4314466191B9}" = Security Update for Microsoft Office Word 2007 (KB950113) "{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{D9806966-6AA1-4B55-9528-6748E37CEE86}" = Update for Outlook 2007 Junk Email Filter (kb955433) "{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}" = Security Update for Microsoft Office Publisher 2007 (KB950114) "{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD "{975C1D10-BA0E-4D58-AE01-8FD03A373E06}" = ServerMaker 2001 "{986F64DC-FF15-449D-998F-EE3BCEC6666A}" = Help Center "{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync "{9C7E944F-4502-40B8-A0AB-66B2FA9EE829}" = Microsoft SQL Server Native Client "{9FAC9E5C-0D20-4DBF-AFE5-2E09C52A95A2}" = ThinkPad Wireless LAN Adapters Software (11a/b, 11b/g, 11a/b/g) "{A0E64EBA-8BF0-49FB-90C0-BB3D781A2016}" = Gestionnaire d'alimentation ThinkPad "{A2289997-10A3-48F2-AA03-99180D761661}" = ThinkVantage Fingerprint Software 5.6 "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components "{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = RecordNow Audio "{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}" = Assistant de connexion Windows Live "{B12665F4-4E93-4AB4-B7FC-37053B524629}" = RecordNow Copy "{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1 "{BADF6744-3787-48F6-B8C9-4C4995401D65}" = Windows Live Messenger "{C04E32E0-0416-434D-AFB9-6969D703A9EF}" = MSXML 4.0 SP2 (KB936181) "{C6FA39A7-26B1-480A-BC74-6D17531AC222}" = Access - Aide "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CF5737AF-8550-4546-A69B-0EA9EF5A9B55}" = ThinkVantage Productivity Center "{D728E945-256D-4477-B377-6BBA693714AC}" = Supplément à Productivity Center pour ThinkPad "{E7E836B8-4BDD-454F-82E6-5FEA17C83AD4}" = Message Center "{EA664480-3844-11D5-8C25-444553540000}" = Fonctions d'accessibilité TrackPoint "{EDA1C1F7-F27E-4B20-B9BC-39964452DBB1}" = Montpellier Business Plan Classic "{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX "{F18DB86D-BC16-4E01-BCCE-63F62B931D82}" = InterVideo Register Manager "{F196AC50-7C95-42E1-9947-BDAB18BF3C8C}" = Microsoft .NET Framework 2.0 Language Pack - FRA "{F386C340-DF4B-4BBA-9503-420FB7EDB395}" = Wallpapers "{F705E3E1-A471-426B-9A09-73429F3418EE}" = System Migration Assistant "{FC081D4D-DF1B-4CF1-B530-027E4118D846}" = Configuration du ThinkPad "{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}" = Windows Live installer "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites "Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player Plugin "AntiVir PersonalEdition Classic" = Avira AntiVir Personal - Free Antivirus "Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.4 (Unicode) "AwayTask" = Maintenance Manager "Business Contact Manager" = Gestionnaire de contacts professionnels pour Outlook 2007 SP1 "CCleaner" = CCleaner (remove only) "CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_10140588" = ThinkPad Modem "Creative PD1120" = Creative WebCam NX Ultra Driver (1.01.03.0112) "Creative WebCam Center" = Creative WebCam Center "eMule" = eMule "ffdshow_is1" = ffdshow [rev 1977] [2008-05-28] "Free Download Manager_is1" = Free Download Manager 2.5 "Free Easy Burner_is1" = Free Easy Burner V 3.8 "getPlus®_ocx" = getPlus®_ocx "G-Force" = G-Force "HDMI" = Intel® Graphics Media Accelerator Driver "HijackThis" = HijackThis 2.0.2 "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "InfraRecorder" = InfraRecorder "InstallShield_{48CF6549-B45D-4313-9927-EFCCC8A3493F}" = Texas Instruments PCIxx21/x515/xx12 drivers. "InstallShield_{A5EC243A-AAB4-4AF0-85A5-07F9F4618353}" = FTP Utility "KB894476" = Windows Media Player 10 Hotfix - KB894476 "KB923723" = Mise à jour de sécurité pour Step by Step Interactive Training (KB923723) "KB931906" = Security Update for CAPICOM (KB931906) "KB936782_WMP10" = Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782) "KB938127-IE7" = Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127) "KB941569" = Mise à jour de sécurité pour Windows XP (KB941569) "KB942615-IE7" = Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615) "KB944533-IE7" = Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533) "KB946648" = Mise à jour de sécurité pour Windows XP (KB946648) "KB947864-IE7" = Correctif pour Windows Internet Explorer 7 (KB947864) "KB948109_SQL9" = GDR 3068 for SQL Server Database Services 2005 ENU (KB948109) "KB950759-IE7" = Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759) "KB950760" = Mise à jour de sécurité pour Windows XP (KB950760) "KB950762" = Mise à jour de sécurité pour Windows XP (KB950762) "KB950974" = Mise à jour de sécurité pour Windows XP (KB950974) "KB951066" = Mise à jour de sécurité pour Windows XP (KB951066) "KB951072-v2" = Mise à jour pour Windows XP (KB951072-v2) "KB951376" = Mise à jour de sécurité pour Windows XP (KB951376) "KB951376-v2" = Mise à jour de sécurité pour Windows XP (KB951376-v2) "KB951698" = Mise à jour de sécurité pour Windows XP (KB951698) "KB951748" = Mise à jour de sécurité pour Windows XP (KB951748) "KB951978" = Mise à jour pour Windows XP (KB951978) "KB952287" = Correctif pour Windows XP (KB952287) "KB952954" = Mise à jour de sécurité pour Windows XP (KB952954) "KB953838-IE7" = Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838) "KB953839" = Mise à jour de sécurité pour Windows XP (KB953839) "LADSPA_plugins-win_is1" = LADSPA_plugins-win-0.4.15 "M928366" = Microsoft .NET Framework 1.1 Hotfix (KB928366) "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Media Player Classic" = Media Player Classic fr "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 2.0 Language Pack - FRA" = Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA "Microsoft SQL Server 2005" = Microsoft SQL Server 2005 "Mozilla Firefox (3.0.1)" = Mozilla Firefox (3.0.1) "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "OnScreenDisplay" = Incrustation "PC-Doctor 5 for Windows" = PC-Doctor 5 pour Windows "PCMCIAPW" = ThinkPad PC Card Power Policy "Picasa2" = Picasa 2 "Power Management Driver" = ThinkPad Power Management Driver "PROHYBRIDR" = 2007 Microsoft Office system "PROPLUS" = Microsoft Office Professional Plus 2007 "Remove Multimedia Center" = Remove Multimedia Center "ShockwaveFlash" = Macromedia Flash Player 8 "SumatraPDF" = Sumatra PDF reader "SynTPDeinstKey" = ThinkPad UltraNav Driver "ThinkPad FullScreen Magnifier" = ThinkPad FullScreen Magnifier "Totalcmd" = Total Commander (Remove or Repair) "VLC media player" = VideoLAN VLC media player 0.8.6f "VST Bridge_is1" = VST Bridge 1.1 "Winamp" = Winamp "Windows Live Toolbar" = Windows Live Toolbar "Windows Media Format Runtime" = Windows Media Format Runtime "Windows Media Player" = Lecteur Windows Media 10 "Windows XP Service" = Windows XP Service Pack 3 "WinGimp-2.0_is1" = GIMP 2.4.4 "WinRAR archiver" = Archiveur WinRAR "WMCSetup" = Windows Media Connect ========== HKEY_CURRENT_USER Uninstall List ========== ========== HKEY_USERS Uninstall List ========== ========== HKEY_USERS Uninstall List ========== ========== HKEY_USERS Uninstall List ========== ========== HKEY_USERS Uninstall List ========== ========== HKEY_USERS Uninstall List ========== ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 30/08/2008 20:13:50 - Computer Name = LENOVO-6BD91387 - User Name = User SID not found - Source = Application Hang Description = Détecteur d'erreurs 854786114. Error - 01/09/2008 05:22:38 - Computer Name = LENOVO-6BD91387 - User Name = User SID not found - Source = Application Error Description = Application défaillante audacity.exe, version 1.3.4.0, module défaillant audacity.exe, version 1.3.4.0, adresse de défaillance 0x000b18dc. Error - 01/09/2008 19:43:07 - Computer Name = LENOVO-6BD91387 - User Name = User SID not found - Source = Application Hang Description = Application bloquée iexplore.exe, version 7.0.6000.16705, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000. Error - 01/09/2008 19:43:16 - Computer Name = LENOVO-6BD91387 - User Name = User SID not found - Source = Application Hang Description = Détecteur d'erreurs 854786114. Error - 02/09/2008 14:37:05 - Computer Name = LENOVO-6BD91387 - User Name = User SID not found - Source = Application Error Description = Application défaillante sumatrapdf.exe, version 0.0.0.0, module défaillant sumatrapdf.exe, version 0.0.0.0, adresse de défaillance 0x000686cd. Error - 02/09/2008 14:37:09 - Computer Name = LENOVO-6BD91387 - User Name = User SID not found - Source = Application Error Description = Détecteur d'erreurs 898464924. Error - 03/09/2008 07:38:20 - Computer Name = LENOVO-6BD91387 - User Name = User SID not found - Source = Application Error Description = Application défaillante QuickTimePlayer.exe, version 7.50.61.0, module défaillant QuickTimePlayer.exe, version 7.50.61.0, adresse de défaillance 0x0000130d. Error - 03/09/2008 09:07:27 - Computer Name = LENOVO-6BD91387 - User Name = User SID not found - Source = Application Error Description = Application défaillante audacity.exe, version 1.3.4.0, module défaillant audacity.exe, version 1.3.4.0, adresse de défaillance 0x000b18dc. Error - 03/09/2008 09:07:29 - Computer Name = LENOVO-6BD91387 - User Name = User SID not found - Source = Application Error Description = Détecteur d'erreurs 570669371. Error - 03/09/2008 09:52:25 - Computer Name = LENOVO-6BD91387 - User Name = User SID not found - Source = Application Error Description = Application défaillante audacity.exe, version 1.3.4.0, module défaillant audacity.exe, version 1.3.4.0, adresse de défaillance 0x000b18dc. [ Internet Explorer Events ] [ ODiag Events ] [ OSession Events ] [ Security Events ] [ System Events ] Error - 02/09/2008 08:24:18 - Computer Name = LENOVO-6BD91387 - User Name = User SID not found - Source = Disk Description = Le périphérique \Device\Harddisk1\D comporte un bloc défectueux. Error - 02/09/2008 08:24:22 - Computer Name = LENOVO-6BD91387 - User Name = User SID not found - Source = Disk Description = Le périphérique \Device\Harddisk1\D comporte un bloc défectueux. Error - 02/09/2008 08:24:26 - Computer Name = LENOVO-6BD91387 - User Name = User SID not found - Source = Disk Description = Le périphérique \Device\Harddisk1\D comporte un bloc défectueux. Error - 02/09/2008 08:24:30 - Computer Name = LENOVO-6BD91387 - User Name = User SID not found - Source = Disk Description = Le périphérique \Device\Harddisk1\D comporte un bloc défectueux. Error - 02/09/2008 08:24:34 - Computer Name = LENOVO-6BD91387 - User Name = User SID not found - Source = Disk Description = Le périphérique \Device\Harddisk1\D comporte un bloc défectueux. Error - 02/09/2008 08:24:38 - Computer Name = LENOVO-6BD91387 - User Name = User SID not found - Source = Disk Description = Le périphérique \Device\Harddisk1\D comporte un bloc défectueux. Error - 02/09/2008 08:24:42 - Computer Name = LENOVO-6BD91387 - User Name = User SID not found - Source = Disk Description = Le périphérique \Device\Harddisk1\D comporte un bloc défectueux. Error - 02/09/2008 15:47:02 - Computer Name = LENOVO-6BD91387 - User Name = User SID not found - Source = NetBT Description = L'initialisation a échoué car le transport a refusé d'ouvrir les adresses initiales. Error - 02/09/2008 22:49:41 - Computer Name = LENOVO-6BD91387 - User Name = User SID not found - Source = Service Control Manager Description = Délai (30000 millisecondes) d'attente pour une réponse du service Dnscache à une transaction. Error - 03/09/2008 08:38:01 - Computer Name = LENOVO-6BD91387 - User Name = User SID not found - Source = irevents Description = Le service de transfert de fichiers par infrarouge a rencontré une erreur en envoyant le fichier "C:\Documents and Settings\Régis Granger\Mes documents\Ma musique\Funkadelic\Funkadelic - Maggot Brain.mp3. L'erreur renvoyée est L'opération d'entrée/sortie a été abandonnée en raison de l'arrêt d'une thread ou à la demande d'une application. . < End of report > et voici le deuxième : OTViewIt logfile created on: 04/09/2008 09:53:30 - Run 3 OTViewIt by OldTimer - Version 1.0.1.8 Folder = C:\Documents and Settings\Régis Granger\Bureau Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 1014,36 Mb Total Physical Memory | 472,55 Mb Available Physical Memory | 46,59% Memory free 2,38 Gb Paging File | 1,87 Gb Available in Paging File | 78,57% Paging File free Paging file location(s): C:\pagefile.sys 1524 3048; %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 106,73 Gb Total Space | 26,44 Gb Free Space | 24,77% Space Free | Partition Type: NTFS D: Drive not present or media not loaded Drive E: | 18,63 Gb Total Space | 1,31 Gb Free Space | 7,03% Space Free | Partition Type: NTFS Drive F: | 55,88 Gb Total Space | 3,38 Gb Free Space | 6,05% Space Free | Partition Type: FAT32 G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: LENOVO-6BD91387 Current User Name: Régis Granger Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Whitelist: On ===== Processes - Non-Microsoft Only ===== [11/02/2007 04:51 PM | 00,036,136 | ---- | M] (Lenovo) - C:\WINDOWS\system32\ibmpmsvc.exe [01/30/2007 01:05 PM | 00,108,080 | ---- | M] (Lenovo Group Limited) - C:\WINDOWS\system32\IPSSVC.EXE [07/05/2008 01:06 AM | 00,090,112 | ---- | M] (Lenovo ) - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe [03/21/2007 02:42 PM | 00,364,629 | ---- | M] (Atheros) - C:\WINDOWS\system32\acs.exe [01/04/2007 08:48 PM | 00,112,152 | R--- | M] (InterVideo) - C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe [06/29/2007 12:02 AM | 01,049,856 | ---- | M] (O&O Software GmbH) - C:\WINDOWS\system32\oodag.exe [09/26/2007 06:34 PM | 00,644,408 | ---- | M] (Lenovo Group Limited) - C:\Program Files\Fichiers communs\Lenovo\tvt_reg_monitor_svc.exe [05/14/2008 04:21 PM | 00,037,416 | ---- | M] (Lenovo.) - C:\WINDOWS\system32\TPHDEXLG.exe [06/29/2006 10:57 PM | 00,032,768 | ---- | M] () - C:\WINDOWS\system32\TpKmpSvc.exe [07/14/2006 06:42 PM | 00,723,712 | ---- | M] (IBM) - C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe [07/14/2006 07:01 PM | 01,974,272 | ---- | M] (Lenovo Group Limited) - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe [03/04/2008 10:34 AM | 01,122,304 | ---- | M] (Lenovo Group Limited) - C:\Program Files\Fichiers communs\Lenovo\Scheduler\tvtsched.exe [07/14/2006 04:52 PM | 00,045,056 | ---- | M] () - C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe [07/05/2008 01:05 AM | 00,212,992 | ---- | M] (Lenovo ) - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe [06/10/2008 01:40 AM | 00,094,208 | ---- | M] () - C:\Program Files\ThinkPad\Utilities\PWMDBSVC.exe [04/29/2008 03:43 PM | 00,032,768 | ---- | M] (Lenovo Group Limited) - c:\Program Files\Lenovo\System Update\SUService.exe [07/14/2006 06:36 PM | 00,022,016 | ---- | M] () - C:\Program Files\Fichiers communs\Lenovo\Logger\logmon.exe [07/05/2008 01:06 AM | 00,126,976 | ---- | M] (Lenovo ) - C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe [07/14/2006 07:13 PM | 02,341,632 | ---- | M] (Lenovo Group Limited) - C:\Program Files\Lenovo\Client Security Solution\cssauth.exe [07/03/2008 04:10 PM | 01,323,008 | ---- | M] (Synaptics, Inc.) - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [06/05/2008 02:36 AM | 00,242,976 | ---- | M] (Lenovo Group Ltd.) - C:\Program Files\ThinkPad\Utilities\EZEJMNAP.EXE [07/03/2008 04:17 PM | 00,118,784 | ---- | M] (Synaptics, Inc.) - C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [06/06/2008 06:21 PM | 00,181,536 | ---- | M] (Lenovo.) - C:\WINDOWS\system32\TpShocks.exe [03/24/2008 10:15 AM | 00,068,464 | ---- | M] (Lenovo Group Limited) - C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe [03/24/2008 02:41 PM | 00,067,432 | ---- | M] (Lenovo Group Limited) - C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe [04/25/2008 04:38 PM | 00,128,368 | ---- | M] (Lenovo Group Limited) - C:\Program Files\Lenovo\ZOOM\TpScrex.exe [06/09/2008 03:00 AM | 00,165,208 | ---- | M] (Lenovo Group Limited) - C:\Program Files\ThinkVantage\PrdCtr\LPMGR.EXE [11/14/2005 08:23 AM | 00,487,424 | ---- | M] (LENOVO) - C:\Program Files\ThinkVantage\AMSG\Amsg.exe [07/05/2008 01:00 AM | 00,425,984 | ---- | M] (Lenovo ) - C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe [07/05/2008 12:56 AM | 00,143,360 | ---- | M] (Lenovo ) - C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe [03/13/2006 05:38 PM | 00,041,472 | R--- | M] (Utimaco Safeware AG) - C:\Program Files\Lenovo\SafeGuard PrivateDisk\pdservice.exe [06/29/2007 12:01 AM | 02,512,128 | ---- | M] (O&O Software GmbH) - C:\WINDOWS\system32\oodtray.exe [07/14/2006 07:20 PM | 00,817,920 | ---- | M] (Lenovo Group Limited) - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_tray.exe [03/04/2008 10:34 AM | 00,487,424 | ---- | M] (Lenovo Group Limited) - C:\Program Files\Fichiers communs\Lenovo\Scheduler\scheduler_proxy.exe [11/07/2006 08:51 PM | 00,091,688 | ---- | M] (Lenovo Group Limited) - C:\Program Files\Lenovo\AwayTask\AwaySch.EXE [06/09/2008 03:00 AM | 00,124,248 | ---- | M] (Lenovo Group Limited) - C:\Program Files\ThinkVantage\PrdCtr\LPMLCHK.EXE [06/09/2008 04:00 AM | 00,060,192 | ---- | M] (Lenovo Group Limited) - C:\Program Files\Lenovo\NPDIRECT\tpfnf7sp.exe [02/13/2008 06:02 PM | 02,453,551 | ---- | M] (FreeDownloadManager.ORG) - C:\Program Files\Free Download Manager\fdm.exe [12/30/2007 11:14 PM | 00,253,952 | ---- | M] () - C:\Program Files\Free Download Manager\FUM\fum.exe [06/10/2007 07:02 PM | 00,040,960 | ---- | M] () - C:\Program Files\Free Download Manager\FUM\fumoei.exe [06/20/2008 09:23 AM | 00,154,368 | ---- | M] (TuneUp Software GmbH) - C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe [11/03/2006 07:02 PM | 00,050,688 | ---- | M] (Avanquest Software ) - C:\Program Files\Digital Line Detect\DLG.exe ===== Win32 Services - Non-Microsoft Only ===== (AcPrfMgrSvc) Ac Profile Manager Service [Auto | Running] [07/05/2008 01:06 AM | 00,090,112 | ---- | M] (Lenovo ) - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe (acs) Atheros Configuration Service [Auto | Running] [03/21/2007 02:42 PM | 00,364,629 | ---- | M] (Atheros) - C:\WINDOWS\system32\acs.exe (AcSvc) Access Connections Main Service [Auto | Running] [07/05/2008 01:05 AM | 00,212,992 | ---- | M] (Lenovo ) - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe (IBMPMSVC) ThinkPad PM Service [Auto | Running] [11/02/2007 04:51 PM | 00,036,136 | ---- | M] (Lenovo) - C:\WINDOWS\system32\ibmpmsvc.exe (IPSSVC) Service de base IPS [Auto | Running] [01/30/2007 01:05 PM | 00,108,080 | ---- | M] (Lenovo Group Limited) - C:\WINDOWS\system32\IPSSVC.EXE (IviRegMgr) IviRegMgr [Auto | Running] [01/04/2007 08:48 PM | 00,112,152 | R--- | M] (InterVideo) - C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe (O&O Defrag) O&O Defrag [Auto | Running] [06/29/2007 12:02 AM | 01,049,856 | ---- | M] (O&O Software GmbH) - C:\WINDOWS\system32\oodag.exe (Power Manager DBC Service) Power Manager DBC Service [Auto | Running] [06/10/2008 01:40 AM | 00,094,208 | ---- | M] () - C:\Program Files\ThinkPad\Utilities\PWMDBSVC.exe (PsaSrv) IBM PSA Access Driver Control [On_Demand | Stopped] File not found - C:\WINDOWS\system32\PsaSrv.exe (SUService) System Update [Auto | Running] [04/29/2008 03:43 PM | 00,032,768 | ---- | M] (Lenovo Group Limited) - c:\Program Files\Lenovo\System Update\SUService.exe (ThinkVantage Registry Monitor Service) ThinkVantage Registry Monitor Service [Auto | Running] [09/26/2007 06:34 PM | 00,644,408 | ---- | M] (Lenovo Group Limited) - C:\Program Files\Fichiers communs\Lenovo\tvt_reg_monitor_svc.exe (TPHDEXLGSVC) ThinkPad HDD APS Logging Service [Auto | Running] [05/14/2008 04:21 PM | 00,037,416 | ---- | M] (Lenovo.) - C:\WINDOWS\system32\TPHDEXLG.exe (TpKmpSVC) IBM KCU Service [Auto | Running] [06/29/2006 10:57 PM | 00,032,768 | ---- | M] () - C:\WINDOWS\system32\TpKmpSvc.exe (TSSCoreService) TSS Core Service [Auto | Running] [07/14/2006 06:42 PM | 00,723,712 | ---- | M] (IBM) - C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe (TuneUp.Defrag) TuneUp Drive Defrag Service [On_Demand | Stopped] [07/23/2008 01:20 PM | 00,355,584 | ---- | M] (TuneUp Software GmbH) - C:\WINDOWS\system32\TuneUpDefragService.exe (TVT Backup Service) TVT Backup Service [Auto | Running] [07/14/2006 07:01 PM | 01,974,272 | ---- | M] (Lenovo Group Limited) - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe (TVT Scheduler) TVT Scheduler [Auto | Running] [03/04/2008 10:34 AM | 01,122,304 | ---- | M] (Lenovo Group Limited) - C:\Program Files\Fichiers communs\Lenovo\Scheduler\tvtsched.exe (tvtnetwk) tvtnetwk [Auto | Running] [07/14/2006 04:52 PM | 00,045,056 | ---- | M] () - C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe ===== Driver Services - Non-Microsoft Only ===== (AR5211) Atheros Wireless Network Adapter Service [On_Demand | Running] [10/26/2007 02:20 AM | 00,549,184 | ---- | M] (Atheros Communications, Inc.) - C:\WINDOWS\system32\drivers\ar5211.sys (atmeltpm) atmeltpm [On_Demand | Running] [05/17/2005 11:20 AM | 00,015,872 | ---- | M] (Atmel, Inc.) - C:\WINDOWS\system32\drivers\atmeltpm.sys (IBMPMDRV) IBMPMDRV [On_Demand | Running] [11/02/2007 04:50 PM | 00,021,808 | ---- | M] (Lenovo.) - C:\WINDOWS\system32\drivers\ibmpmdrv.sys (IBMTPCHK) IBMTPCHK [system | Running] [07/02/2008 12:22 AM | 00,004,224 | ---- | M] () - C:\WINDOWS\system32\drivers\IBMBLDID.sys (Iviaspi) IVI ASPI Shell [On_Demand | Running] [09/11/2003 12:36 AM | 00,021,060 | ---- | M] (InterVideo, Inc.) - C:\WINDOWS\system32\drivers\iviaspi.sys (mraid35x) mraid35x [Disabled | Stopped] [08/18/2001 07:52 AM | 00,017,280 | ---- | M] (American Megatrends Inc.) - C:\WINDOWS\system32\drivers\mraid35x.sys (PcdrNdisuio) PCDRNDISUIO Usermode I/O Protocol [On_Demand | Stopped] File not found - C:\WINDOWS\System32\DRIVERS\pcdrndisuio.sys (PrivateDisk) PrivateDisk [Auto | Running] [03/13/2006 05:05 PM | 00,058,368 | R--- | M] (Utimaco Safeware AG) - C:\Program Files\Lenovo\SafeGuard PrivateDisk\privatediskm.sys (PROCDD) Pilote de support IPS [Auto | Running] [11/06/2006 06:24 PM | 00,012,080 | ---- | M] (Lenovo Group Limited) - C:\WINDOWS\system32\drivers\PROCDD.SYS (psadd) Lenovo Parties Service Access Device Driver [On_Demand | Running] [02/19/2007 07:56 AM | 00,021,376 | ---- | M] (Lenovo (United States) Inc.) - C:\WINDOWS\system32\drivers\psadd.sys (Shockprf) Shockprf [boot | Running] [05/14/2008 04:21 PM | 00,114,728 | ---- | M] (Lenovo.) - C:\WINDOWS\system32\drivers\ApsX86.sys (smihlp2) SMI Helper Driver (smihlp2) [Auto | Running] [08/14/2007 04:46 PM | 00,010,896 | ---- | M] (UPEK Inc.) - C:\Program Files\Fichiers communs\ThinkVantage Fingerprint Software\Drivers\smihlp.sys (Sparrow) Sparrow [Disabled | Stopped] [08/18/2001 08:07 AM | 00,019,072 | ---- | M] (Adaptec, Inc.) - C:\WINDOWS\system32\drivers\sparrow.sys (SynTP) Synaptics TouchPad Driver [On_Demand | Running] [07/03/2008 03:53 PM | 00,225,664 | ---- | M] (Synaptics, Inc.) - C:\WINDOWS\system32\drivers\SynTP.sys (TcUsb) TC USB Kernel Driver [On_Demand | Running] [08/14/2007 04:25 PM | 00,047,376 | ---- | M] (UPEK Inc.) - C:\WINDOWS\system32\drivers\tcusb.sys (TDSMAPI) TDSMAPI [system | Running] [10/02/2006 02:55 AM | 00,009,343 | ---- | M] () - C:\WINDOWS\system32\drivers\TDSMAPI.SYS (tifm21) tifm21 [On_Demand | Running] [11/30/2005 03:12 AM | 00,162,560 | ---- | M] (Texas Instruments) - C:\WINDOWS\system32\drivers\tifm21.sys (TPDIGIMN) TPDIGIMN [boot | Running] [05/14/2008 04:21 PM | 00,019,496 | ---- | M] (Lenovo.) - C:\WINDOWS\system32\drivers\ApsHM86.sys (TPHKDRV) TPHKDRV [system | Running] [05/12/2008 10:14 PM | 00,017,844 | ---- | M] (Lenovo Group Limited) - C:\WINDOWS\system32\drivers\TPHKDRV.sys (TPPWRIF) TPPWRIF [system | Running] [06/10/2008 01:40 AM | 00,004,442 | ---- | M] () - C:\WINDOWS\system32\drivers\TPPWRIF.SYS (TSMAPIP) TSMAPIP [system | Running] [06/09/2008 04:00 AM | 00,004,608 | ---- | M] () - C:\WINDOWS\system32\drivers\TSMAPIP.SYS (tvtfilter) tvtfilter [Auto | Running] [07/14/2006 06:27 PM | 00,012,544 | ---- | M] (Lenovo) - C:\WINDOWS\system32\drivers\tvtfilter.sys (TVTPktFilter) TVT Packet Filter Service [On_Demand | Running] [07/14/2006 06:03 PM | 00,017,664 | ---- | M] (Lenovo Group Limited) - C:\WINDOWS\system32\drivers\tvtpktfilter.sys (WSIMD) wsimd Service [On_Demand | Running] [07/03/2007 07:46 PM | 00,057,344 | ---- | M] (Atheros Communications, Inc.) - C:\WINDOWS\system32\drivers\wsimd.sys ========== Run Keys ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ACTray" = C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe [07/05/2008 01:00 AM | 00,425,984 | ---- | M] (Lenovo ) "ACWLIcon" = C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe [07/05/2008 12:56 AM | 00,143,360 | ---- | M] (Lenovo ) "AMSG" = C:\Program Files\ThinkVantage\AMSG\Amsg.exe [11/14/2005 08:23 AM | 00,487,424 | ---- | M] (LENOVO) "avgnt" = "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min [08/22/2008 07:43 AM | 00,266,497 | ---- | M] (Avira GmbH) "AwaySch" = C:\Program Files\Lenovo\AwayTask\AwaySch.EXE [11/07/2006 08:51 PM | 00,091,688 | ---- | M] (Lenovo Group Limited) "BLOG" = rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog [06/10/2008 01:40 AM | 00,208,896 | ---- | M] () "cssauth" = "C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silent [07/14/2006 07:13 PM | 02,341,632 | ---- | M] (Lenovo Group Limited) "EZEJMNAP" = C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe [06/05/2008 02:36 AM | 00,242,976 | ---- | M] (Lenovo Group Ltd.) "HotKeysCmds" = C:\WINDOWS\system32\hkcmd.exe [03/05/2008 02:48 PM | 00,166,424 | ---- | M] (Intel Corporation) "IgfxTray" = C:\WINDOWS\system32\igfxtray.exe [03/05/2008 02:48 PM | 00,141,848 | ---- | M] (Intel Corporation) "LPMailChecker" = C:\PROGRA~1\THINKV~2\PrdCtr\LPMLCHK.exe [06/09/2008 03:00 AM | 00,124,248 | ---- | M] (Lenovo Group Limited) "LPManager" = C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe [06/09/2008 03:00 AM | 00,165,208 | ---- | M] (Lenovo Group Limited) "OODefragTray" = C:\WINDOWS\system32\oodtray.exe [06/29/2007 12:01 AM | 02,512,128 | ---- | M] (O&O Software GmbH) "PDService.exe" = "C:\Program Files\Lenovo\SafeGuard PrivateDisk\pdservice.exe" [03/13/2006 05:38 PM | 00,041,472 | R--- | M] (Utimaco Safeware AG) "Persistence" = C:\WINDOWS\system32\igfxpers.exe [03/05/2008 02:48 PM | 00,137,752 | ---- | M] (Intel Corporation) "PWRMGRTR" = rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor [06/10/2008 01:40 AM | 00,311,296 | ---- | M] (Lenovo Group Limited) "QuickTime Task" = "C:\Program Files\QuickTime\qttask.exe" -atboottime [05/27/2008 10:50 AM | 00,413,696 | ---- | M] (Apple Inc.) "SoundMAX" = "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray [05/06/2005 04:06 PM | 00,716,800 | ---- | M] (Analog Devices, Inc.) "SoundMAXPnP" = C:\Program Files\Analog Devices\Core\smax4pnp.exe [05/20/2005 10:11 AM | 00,925,696 | ---- | M] (Analog Devices, Inc.) "SynTPEnh" = C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [07/03/2008 04:10 PM | 01,323,008 | ---- | M] (Synaptics, Inc.) "SynTPLpr" = C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [07/03/2008 04:17 PM | 00,118,784 | ---- | M] (Synaptics, Inc.) "TP4EX" = tp4ex.exe [10/17/2005 02:11 AM | 00,065,536 | ---- | M] (Lenovo Group Limited) "TPFNF7" = C:\PROGRA~1\Lenovo\NPDIRECT\TPFNF7SP.exe /r [06/09/2008 04:00 AM | 00,060,192 | ---- | M] (Lenovo Group Limited) "TPHOTKEY" = C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe [03/24/2008 10:15 AM | 00,068,464 | ---- | M] (Lenovo Group Limited) "TPKMAPHELPER" = C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper [01/09/2007 05:28 PM | 00,868,352 | ---- | M] (Lenovo) "TpShocks" = TpShocks.exe [06/06/2008 06:21 PM | 00,181,536 | ---- | M] (Lenovo.) "TVT Scheduler Proxy" = C:\Program Files\Fichiers communs\Lenovo\Scheduler\scheduler_proxy.exe [03/04/2008 10:34 AM | 00,487,424 | ---- | M] (Lenovo Group Limited) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "load" = Reg Error: Value load does not exist or could not be read. "run" = Reg Error: Value run does not exist or could not be read. [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Creative WebCam Tray" = "C:\Program Files\Creative\Shared Files\CamTray.exe" [10/27/2005 06:00 PM | 00,299,008 | ---- | M] (Creative Technology Ltd) "Free Download Manager" = "C:\Program Files\Free Download Manager\fdm.exe" -autorun [02/13/2008 06:02 PM | 02,453,551 | ---- | M] (FreeDownloadManager.ORG) "Free Upload Manager" = "C:\Program Files\Free Download Manager\fum\fum.exe" -autorun [12/30/2007 11:14 PM | 00,253,952 | ---- | M] () "Free Uploader Oe Integration" = C:\Program Files\Free Download Manager\FUM\fumoei.exe [06/10/2007 07:02 PM | 00,040,960 | ---- | M] () "Picasa Media Detector" = C:\Program Files\Picasa2\PicasaMediaDetector.exe [02/26/2008 03:23 AM | 00,443,968 | ---- | M] (Google Inc.) "TuneUp MemOptimizer" = "C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe" autostart [06/20/2008 09:23 AM | 00,154,368 | ---- | M] (TuneUp Software GmbH) [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "load" = "run" = Reg Error: Value run does not exist or could not be read. [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "load" = "run" = Reg Error: Value run does not exist or could not be read. [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "load" = "run" = Reg Error: Value run does not exist or could not be read. [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "load" = "run" = Reg Error: Value run does not exist or could not be read. [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "load" = "run" = Reg Error: Value run does not exist or could not be read. [HKEY_USERS\S-1-5-21-1902654263-2307695710-1140962926-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Creative WebCam Tray" = "C:\Program Files\Creative\Shared Files\CamTray.exe" [10/27/2005 06:00 PM | 00,299,008 | ---- | M] (Creative Technology Ltd) "Free Download Manager" = "C:\Program Files\Free Download Manager\fdm.exe" -autorun [02/13/2008 06:02 PM | 02,453,551 | ---- | M] (FreeDownloadManager.ORG) "Free Upload Manager" = "C:\Program Files\Free Download Manager\fum\fum.exe" -autorun [12/30/2007 11:14 PM | 00,253,952 | ---- | M] () "Free Uploader Oe Integration" = C:\Program Files\Free Download Manager\FUM\fumoei.exe [06/10/2007 07:02 PM | 00,040,960 | ---- | M] () "Picasa Media Detector" = C:\Program Files\Picasa2\PicasaMediaDetector.exe [02/26/2008 03:23 AM | 00,443,968 | ---- | M] (Google Inc.) "TuneUp MemOptimizer" = "C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe" autostart [06/20/2008 09:23 AM | 00,154,368 | ---- | M] (TuneUp Software GmbH) [HKEY_USERS\S-1-5-21-1902654263-2307695710-1140962926-1008\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "load" = "run" = Reg Error: Value run does not exist or could not be read. ========== Startup Folders ========== [Administrateur Startup Folder - C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage] [All Users Startup Folder - C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage] [11/26/2007 04:58 PM | 00,576,104 | ---- | M] (Broadcom Corporation.) - C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\BTTray.lnk = C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe [11/03/2006 07:02 PM | 00,050,688 | ---- | M] (Avanquest Software ) - C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe [Default User Startup Folder - C:\Documents and Settings\Default User\Menu Démarrer\Programmes\Démarrage] [Régis Granger Startup Folder - C:\Documents and Settings\Régis Granger\Menu Démarrer\Programmes\Démarrage] ========== BHO's ========== [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] HKLM CLSID: (SSVHelper Class) - [06/10/2008 04:27 AM | 00,509,328 | ---- | M] (Sun Microsystems, Inc.) C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}] HKLM CLSID: (Reg Error: Key does not exist or could not be opened.) - File not found Reg Error: Key does not exist or could not be opened. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}] HKLM CLSID: (FDMIECookiesBHO Class) - [11/26/2007 03:35 PM | 00,094,208 | ---- | M] () C:\Program Files\Free Download Manager\iefdm2.dll [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F040E541-A427-4CF7-85D8-75E3E0F476C5}] HKLM CLSID: (CPwmIEBrowserHelper Object) - [07/14/2006 07:20 PM | 00,719,616 | ---- | M] (Lenovo Group Limited) C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll ========== Toolbars ========== ========== AppInit_Dlls ========== ========== HKLM Security Providers ========== ========== HKLM Winlogon Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell] = Explorer.exe >Explorer.exe - [04/14/2008 04:34 AM | 01,037,824 | ---- | M] (Microsoft Corporation) C:\WINDOWS\explorer.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit] = C:\WINDOWS\system32\userinit.exe, >C:\WINDOWS\system32\userinit.exe - [04/14/2008 04:34 AM | 00,026,624 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\userinit.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\GinaDLL] = tvt_gina.dll >tvt_gina.dll - [07/02/2008 12:22 AM | 00,582,968 | ---- | M] (Lenovo) C:\WINDOWS\system32\tvt_gina.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UIHost] = logonui.exe >logonui.exe - [04/14/2008 04:34 AM | 00,515,584 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\logonui.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet] = rundll32 shell32,Control_RunDLL "sysdm.cpl" >rundll32 shell32 - [04/14/2008 04:33 AM | 08,517,632 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll >Control_RunDLL "sysdm.cpl" - [04/14/2008 04:34 AM | 00,307,200 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\sysdm.cpl ========== User's Winlogon Settings ========== ========== Winlogon Notify Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ACNotify] "DllName" = C:\Program Files\ThinkPad\ConnectUtilities\ACNotify.dll [07/05/2008 12:57 AM | 00,032,768 | ---- | M] (Lenovo ) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AwayNotify] "DllName" = C:\Program Files\Lenovo\AwayTask\AwayNotify.dll [08/16/2006 07:07 PM | 00,049,152 | ---- | M] (Lenovo Group Limited) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] "DllName" = C:\WINDOWS\system32\igfxdev.dll [02/15/2008 12:45 PM | 00,208,896 | ---- | M] (Intel Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon] "DllName" = File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus] "DllName" = C:\WINDOWS\system32\psqlpwd.dll [08/14/2007 04:54 PM | 00,089,600 | ---- | M] (UPEK Inc.) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tpfnf2] "DllName" = C:\Program Files\Lenovo\HOTKEY\notifyf2.dll [09/06/2006 04:37 PM | 00,034,344 | ---- | M] () [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tphotkey] "DllName" = C:\Program Files\Lenovo\HOTKEY\tphklock.dll [03/17/2008 04:02 PM | 00,034,080 | ---- | M] (Lenovo Group Limited) ========== Policies ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer] Unable to open key or key not present! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System] "dontdisplaylastusername" = 0 "legalnoticecaption" = "legalnoticetext" = "shutdownwithoutlogon" = 1 "undockwithoutlogon" = 1 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer] "NoDriveTypeAutoRun" = 145 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System] Unable to open key or key not present! [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer] "NoDriveTypeAutoRun" = 145 [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System] Unable to open key or key not present! [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer] "NoDriveTypeAutoRun" = 145 [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System] Unable to open key or key not present! [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer] "NoDriveTypeAutoRun" = 145 [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System] Unable to open key or key not present! [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer] "NoDriveTypeAutoRun" = 145 [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System] Unable to open key or key not present! [HKEY_USERS\S-1-5-21-1902654263-2307695710-1140962926-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer] "NoDriveTypeAutoRun" = 145 [HKEY_USERS\S-1-5-21-1902654263-2307695710-1140962926-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System] Unable to open key or key not present! ========== Lsa Authentication Packages ========== ========== Lsa Security Packages ========== ========== Desktop Components ========== [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0] "FriendlyName" = "Ma page d'accueil" "Source" = "About:Home" "SubscribedURL" = "About:Home" ========== Safeboot Options ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot] "AlternateShell" = cmd.exe ========== Disabled MsConfig Items ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^FTP Utility.lnk] "path" = C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\FTP Utility.lnk File not found "backup" = C:\WINDOWS\pss\FTP Utility.lnk File not found "location" = Common Startup "command" = C:\Program Files\KONICA MINOLTA\FTP Utility\KMFtp.exe File not found "item" = C:\WINDOWS\system32\ftp.exe [04/14/2008 04:34 AM | 00,046,080 | ---- | M] (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^Régis Granger^Menu Démarrer^Programmes^Démarrage^Adobe Media Player.lnk] "path" = C:\Documents and Settings\Régis Granger\Menu Démarrer\Programmes\Démarrage\Adobe Media Player.lnk File not found "backup" = C:\WINDOWS\pss\Adobe Media Player.lnk File not found "location" = Startup "command" = C:\PROGRA~1\ADOBEM~1\ADOBEM~1.EXE File not found "item" = Adobe Media Player [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\state] "system.ini" = 0 "win.ini" = 0 "bootini" = 0 "services" = 0 "startup" = 2 ========== CDRom AutoRun Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom] "AutoRun" = 1 ========== MountPoints2 ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0aad0508-e146-11dc-af45-8000600fe800}\Shell] "" = None [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{16d68960-3092-11dd-b007-00197eed6594}\Shell] "" = None [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{484815bf-54bd-11dd-b03f-8000600fe800}\Shell] "" = None [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{59b1ff7a-f9cf-11dc-af7e-00197eed6594}\Shell] "" = None [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7441dac2-2d78-11dd-afff-00197eed6594}\Shell] "" = None [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{86b166d5-e613-11dc-af54-00197eed6594}\Shell] "" = None [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9aadca16-6704-11dd-b06e-00197eed6594}\Shell] "" = None [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c76eeade-fb14-11dc-af81-8000600fe800}\Shell] "" = None [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d11fd207-04b8-11dd-af9f-00197eed6594}\Shell] "" = None [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dc09f78c-e4e1-11dc-af4f-00197eed6594}\Shell] "" = None [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ffc8e24d-8e70-11da-9887-806d6172696f}\Shell] "" = None ========== DNS Name Servers ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{3F254497-3FB2-4C13-B2EB-D8F1EBE314A9}] Servers: | Description: Windows Mobile-based Device [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{57C9E86A-DB58-4B94-AF19-5FB4BA8D2F9F}] Servers: | Description: 11a/b/g Wireless LAN Mini PCI Express Adapter [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{B1D52F6C-4FFB-4AE5-9B2B-266C20F69D46}] Servers: | Description: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{B930A187-59DC-47A0-9C71-325BA8913484}] Servers: | Description: Broadcom NetXtreme Gigabit Ethernet [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{C450C8EE-1586-4CD5-927B-9255BB6C9D11}] Servers: | Description: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{ECCC14E1-B4A7-41CC-A6F1-F5D1F880B879}] Servers: | Description: Carte réseau 1394 ========== Hosts File ========== HOSTS File = (257789 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts First 25 entries... 127.0.0.1 localhost 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.1001-search.info 127.0.0.1 1001-search.info 127.0.0.1 www.100888290cs.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100sexlinks.com 127.0.0.1 100sexlinks.com 127.0.0.1 www.10sek.com 127.0.0.1 10sek.com 127.0.0.1 www.123topsearch.com 127.0.0.1 123topsearch.com 127.0.0.1 www.132.com 127.0.0.1 132.com 127.0.0.1 www.136136.net 127.0.0.1 136136.net ========== Files/Folders - Created Within 90 days ========== [08/02/2008 06:39 PM | ---D | C] - C:\Deckard [08/28/2008 07:39 AM | 00,064,352 | ---- | C] () - C:\WINDOWS\System32\drivers\ativmc20.cod [08/28/2008 07:41 AM | 00,129,045 | ---- | C] () - C:\WINDOWS\System32\drivers\cxthsfs2.cty [08/28/2008 07:42 AM | 00,067,866 | ---- | C] () - C:\WINDOWS\System32\drivers\netwlan5.img [1 C:\WINDOWS\System32\*.tmp files] [06/06/2008 06:20 PM | 00,218,400 | ---- | C] (Lenovo.) - C:\WINDOWS\System32\TpShCPL.cpl [06/06/2008 06:21 PM | 00,128,288 | ---- | C] (Lenovo.) - C:\WINDOWS\System32\TpShEvUI.exe [06/06/2008 06:21 PM | 00,181,536 | ---- | C] (Lenovo.) - C:\WINDOWS\System32\TpShocks.exe [06/06/2008 06:21 PM | 00,492,832 | ---- | C] (Lenovo.) - C:\WINDOWS\System32\TpShCPL.dll [06/08/2008 09:13 PM | 00,057,344 | ---- | C] (LEAD Technologies, Inc.) - C:\WINDOWS\System32\lfbmp13n.dll [06/08/2008 09:13 PM | 00,069,632 | ---- | C] (LEAD Technologies, Inc.) - C:\WINDOWS\System32\lfgif13n.dll [06/08/2008 09:13 PM | 00,163,840 | ---- | C] (LEAD Technologies, Inc.) - C:\WINDOWS\System32\ltfil13n.dll [06/08/2008 09:13 PM | 00,206,336 | ---- | C] (LEAD Technologies, Inc.) - C:\WINDOWS\System32\ltefx13n.dll [06/08/2008 09:13 PM | 00,299,008 | ---- | C] (LEAD Technologies, Inc.) - C:\WINDOWS\System32\ltdis13n.dll [06/08/2008 09:13 PM | 00,401,408 | ---- | C] (LEAD Technologies, Inc.) - C:\WINDOWS\System32\lfcmp13n.dll [06/08/2008 09:13 PM | 00,450,560 | ---- | C] (LEAD Technologies, Inc.) - C:\WINDOWS\System32\ltimg13n.dll [06/08/2008 09:13 PM | 00,462,848 | ---- | C] (LEAD Technologies, Inc.) - C:\WINDOWS\System32\ltkrn13n.dll [06/24/2008 10:35 AM | ---D | C] - C:\WINDOWS\System32\Adobe [07/23/2008 01:20 PM | 00,028,416 | ---- | C] (TuneUp Software GmbH) - C:\WINDOWS\System32\uxtuneup.dll [07/23/2008 01:20 PM | 00,355,584 | ---- | C] (TuneUp Software GmbH) - C:\WINDOWS\System32\TuneUpDefragService.exe [08/22/2008 08:44 AM | 00,183,808 | ---- | C] () - C:\WINDOWS\System32\BDEADMIN.CPL [08/22/2008 08:44 AM | 00,210,032 | ---- | C] () - C:\WINDOWS\System32\DBCLIENT.DLL [08/22/2008 08:48 AM | 00,000,664 | ---- | C] () - C:\WINDOWS\System32\d3d9caps.dat [08/28/2008 08:07 AM | ---D | C] - C:\WINDOWS\System32\bits [08/28/2008 08:07 AM | ---D | C] - C:\WINDOWS\System32\fr [08/31/2008 12:12 PM | 00,110,592 | ---- | C] (Synaptics, Inc.) - C:\WINDOWS\System32\SynTPCo4.dll [09/02/2008 12:29 PM | 00,051,100 | -H-- | C] () - C:\WINDOWS\System32\mlfcache.dat [1 C:\WINDOWS\*.tmp files] [07/23/2008 08:02 PM | ---D | C] - C:\WINDOWS\SQL9_KB948109_ENU [08/02/2008 06:40 PM | ---D | C] - C:\WINDOWS\ERDNT [08/18/2008 12:02 PM | 00,002,675 | ---- | C] () - C:\WINDOWS\imsins.BAK [08/28/2008 07:58 AM | -H-D | C] - C:\WINDOWS\$NtServicePackUninstall$ [08/28/2008 08:01 AM | ---D | C] - C:\WINDOWS\network diagnostic [08/28/2008 08:03 AM | ---D | C] - C:\WINDOWS\ServicePackFiles [08/28/2008 08:07 AM | ---D | C] - C:\WINDOWS\l2schemas [08/28/2008 08:16 AM | ---D | C] - C:\WINDOWS\Prefetch [08/31/2008 12:11 PM | 00,000,051 | ---- | C] () - C:\WINDOWS\npornap.INI [08/22/2008 10:05 AM | 00,000,284 | ---- | C] () - C:\WINDOWS\tasks\AppleSoftwareUpdate.job [06/09/2008 12:09 PM | ---D | C] - C:\Documents and Settings\All Users\Application Data\FileOpen [06/13/2008 09:53 AM | ---D | C] - C:\Documents and Settings\All Users\Application Data\Apple Computer [08/03/2008 08:48 AM | ---D | C] - C:\Documents and Settings\All Users\Application Data\AVS4YOU [08/05/2008 11:40 AM | ---D | C] - C:\Documents and Settings\All Users\Application Data\Avira [08/05/2008 11:52 AM | ---D | C] - C:\Documents and Settings\All Users\Application Data\Malwarebytes [08/22/2008 10:05 AM | ---D | C] - C:\Documents and Settings\All Users\Application Data\Apple [06/09/2008 12:09 PM | ---D | C] - C:\Documents and Settings\Régis Granger\Application Data\FileOpen [07/04/2008 06:00 AM | ---D | C] - C:\Documents and Settings\Régis Granger\Application Data\DiVision Studios XAvenger [08/03/2008 08:48 AM | ---D | C] - C:\Documents and Settings\Régis Granger\Application Data\AVS4YOU [08/05/2008 11:52 AM | ---D | C] - C:\Documents and Settings\Régis Granger\Application Data\Malwarebytes [08/28/2008 07:21 PM | ---D | C] - C:\Documents and Settings\Régis Granger\Application Data\SumatraPDF [08/05/2008 09:53 PM | ---D | C] - C:\Documents and Settings\Régis Granger\Local Settings\Application Data\IsolatedStorage [06/06/2008 08:20 PM | ---D | C] - C:\Documents and Settings\Régis Granger\Mes documents\Mes radios [06/16/2008 11:18 AM | 00,000,000 | -H-- | C] () - C:\Documents and Settings\Régis Granger\Mes documents\Default.rdp [06/16/2008 11:45 AM | ---D | C] - C:\Documents and Settings\Régis Granger\Mes documents\WM-RG Mes documents [07/18/2008 01:27 PM | 04,987,098 | ---- | C] () - C:\Documents and Settings\Régis Granger\Mes documents\Marionnette vivante.wmv [07/18/2008 01:32 PM | 00,176,740 | ---- | C] () - C:\Documents and Settings\Régis Granger\Mes documents\Vélib.gif [07/18/2008 01:32 PM | 01,492,992 | ---- | C] () - C:\Documents and Settings\Régis Granger\Mes documents\metro-agression-ridicule.mpg [07/18/2008 01:32 PM | 02,532,679 | ---- | C] () - C:\Documents and Settings\Régis Granger\Mes documents\autostopistas.zip [08/03/2008 01:04 AM | ---D | C] - C:\Documents and Settings\Régis Granger\Mes documents\TmForever [08/20/2008 07:11 PM | ---D | C] - C:\Documents and Settings\Régis Granger\Mes documents\Access Connections [09/02/2008 10:19 AM | ---D | C] - C:\Documents and Settings\Régis Granger\Mes documents\A trier [06/13/2008 09:53 AM | 00,001,611 | ---- | C] () - C:\Documents and Settings\All Users\Bureau\QuickTime Player.lnk [08/05/2008 11:52 AM | 00,000,703 | ---- | C] () - C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk [06/16/2008 11:45 AM | 00,001,433 | ---- | C] () - C:\Documents and Settings\Régis Granger\Bureau\WM-RG Mes documents.LNK [08/05/2008 11:54 AM | 00,001,870 | ---- | C] () - C:\Documents and Settings\Régis Granger\Bureau\Start Avira AntiVir Personal.lnk [08/06/2008 08:06 AM | ---D | C] - C:\Documents and Settings\Régis Granger\Bureau\HJT [08/06/2008 09:41 AM | 00,001,741 | ---- | C] () - C:\Documents and Settings\Régis Granger\Bureau\HijackThis.lnk [08/06/2008 12:37 PM | 00,059,632 | ---- | C] () - C:\Documents and Settings\Régis Granger\Bureau\JavaRa.zip [08/30/2008 08:12 PM | 00,208,384 | ---- | C] (Paul McLain and Fred de Vries) - C:\Documents and Settings\Régis Granger\Bureau\JavaRa.exe [09/03/2008 11:51 AM | 00,000,736 | ---- | C] () - C:\Documents and Settings\Régis Granger\Bureau\Audacity 1.3 Beta (Unicode).lnk [06/24/2008 10:51 AM | ---D | C] - C:\Program Files\Fichiers communs\Adobe AIR [07/04/2008 05:59 AM | ---D | C] - C:\Program Files\Fichiers communs\Oberon Media [08/03/2008 08:47 AM | ---D | C] - C:\Program Files\Fichiers communs\AVSMedia [06/13/2008 09:53 AM | ---D | C] - C:\Program Files\QuickTime [08/03/2008 08:49 AM | ---D | C] - C:\Program Files\Foxit Software [08/05/2008 11:40 AM | ---D | C] - C:\Program Files\Avira [08/05/2008 11:52 AM | ---D | C] - C:\Program Files\Malwarebytes' Anti-Malware [08/06/2008 09:41 AM | ---D | C] - C:\Program Files\Trend Micro [08/14/2008 01:52 PM | ---D | C] - C:\Program Files\Sun [08/22/2008 10:05 AM | ---D | C] - C:\Program Files\Apple Software Update [08/28/2008 07:21 PM | ---D | C] - C:\Program Files\SumatraPDF [09/03/2008 11:51 AM | ---D | C] - C:\Program Files\Audacity 1.3 Beta (Unicode) ========== Files - Modified Within 90 days ========== [08/22/2008 08:42 AM | 00,000,226 | RHS- | M] () - C:\boot.ini [08/28/2008 08:01 AM | 00,252,240 | RHS- | M] () - C:\NTLDR [09/04/2008 08:09 AM | 10,637,02528 | -HS- | M] () - C:\hiberfil.sys [06/13/2008 09:54 AM | 00,245,715 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts.20080613-095557.backup [06/13/2008 09:55 AM | 00,250,955 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts.20080616-073532.backup [06/16/2008 07:35 AM | 00,250,955 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts.20080619-163407.backup [06/19/2008 04:34 PM | 00,250,955 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts.20080619-163453.backup [06/19/2008 04:34 PM | 00,251,509 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts.20080624-121506.backup [06/24/2008 12:15 PM | 00,251,509 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts.20080628-083031.backup [06/28/2008 08:30 AM | 00,251,509 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts.20080628-083116.backup [06/28/2008 08:31 AM | 00,251,843 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts.20080630-194103.backup [06/30/2008 07:41 PM | 00,251,843 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts.20080704-053717.backup [07/04/2008 05:37 AM | 00,251,843 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts.20080704-053812.backup [07/04/2008 05:38 AM | 00,252,291 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts.20080718-140930.backup [07/18/2008 02:09 PM | 00,252,291 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts.20080718-141532.backup [07/18/2008 02:15 PM | 00,254,111 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts.20080723-123952.backup [07/23/2008 12:39 PM | 00,254,111 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts.20080723-124104.backup [07/23/2008 12:41 PM | 00,256,833 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts.20080724-065340.backup [07/24/2008 06:53 AM | 00,256,833 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts.20080802-114925.backup [08/02/2008 03:50 PM | 00,257,789 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts.20080802-155554.backup [08/02/2008 03:55 PM | 00,257,789 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts.20080803-114333.backup [08/02/2008 11:49 AM | 00,256,833 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts.20080802-115054.backup [08/02/2008 11:50 AM | 00,257,789 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts.20080802-155011.backup [08/03/2008 11:43 AM | 00,257,789 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts [06/09/2008 04:00 AM | 00,004,608 | ---- | M] () - C:\WINDOWS\System32\drivers\TSMAPIP.SYS [06/10/2008 01:40 AM | 00,004,442 | ---- | M] () - C:\WINDOWS\System32\drivers\TPPWRIF.SYS [07/02/2008 12:22 AM | 00,004,224 | ---- | M] () - C:\WINDOWS\System32\drivers\IBMBLDID.sys [07/03/2008 03:53 PM | 00,225,664 | ---- | M] (Synaptics, Inc.) - C:\WINDOWS\System32\drivers\SynTP.sys [1 C:\WINDOWS\System32\*.tmp files] [06/06/2008 06:20 PM | 00,218,400 | ---- | M] (Lenovo.) - C:\WINDOWS\System32\TpShCPL.cpl [06/06/2008 06:21 PM | 00,128,288 | ---- | M] (Lenovo.) - C:\WINDOWS\System32\TpShEvUI.exe [06/06/2008 06:21 PM | 00,181,536 | ---- | M] (Lenovo.) - C:\WINDOWS\System32\TpShocks.exe [06/06/2008 06:21 PM | 00,492,832 | ---- | M] (Lenovo.) - C:\WINDOWS\System32\TpShCPL.dll [07/02/2008 12:22 AM | 00,292,152 | ---- | M] (Lenovo) - C:\WINDOWS\System32\tvt_gina_api.dll [07/02/2008 12:22 AM | 00,582,968 | ---- | M] (Lenovo) - C:\WINDOWS\System32\tvt_gina.dll [07/03/2008 03:55 PM | 00,163,840 | ---- | M] (Synaptics, Inc.) - C:\WINDOWS\System32\SynCOM.dll [07/03/2008 03:56 PM | 00,200,704 | ---- | M] (Synaptics, Inc.) - C:\WINDOWS\System32\SynCtrl.dll [07/03/2008 04:09 PM | 00,147,456 | ---- | M] (Synaptics, Inc.) - C:\WINDOWS\System32\SynTPAPI.dll [07/03/2008 04:29 PM | 00,110,592 | ---- | M] (Synaptics, Inc.) - C:\WINDOWS\System32\SynTPCo4.dll [07/23/2008 01:20 PM | 00,355,584 | ---- | M] (TuneUp Software GmbH) - C:\WINDOWS\System32\TuneUpDefragService.exe [08/05/2008 11:32 AM | 00,003,072 | ---- | M] () - C:\WINDOWS\System32\CONFIG.NT [08/22/2008 08:48 AM | 00,000,664 | ---- | M] () - C:\WINDOWS\System32\d3d9caps.dat [08/28/2008 08:15 AM | 00,264,616 | ---- | M] () - C:\WINDOWS\System32\FNTCACHE.DAT [08/28/2008 08:19 AM | 00,002,278 | ---- | M] () - C:\WINDOWS\System32\wpa.dbl [08/29/2008 10:41 AM | 00,082,228 | ---- | M] () - C:\WINDOWS\System32\perfc009.dat [08/29/2008 10:41 AM | 00,101,196 | ---- | M] () - C:\WINDOWS\System32\perfc00C.dat [08/29/2008 10:41 AM | 00,456,274 | ---- | M] () - C:\WINDOWS\System32\perfh009.dat [08/29/2008 10:41 AM | 00,532,214 | ---- | M] () - C:\WINDOWS\System32\perfh00C.dat [08/29/2008 10:41 AM | 01,185,482 | ---- | M] () - C:\WINDOWS\System32\PerfStringBackup.INI [09/02/2008 12:29 PM | 00,051,100 | -H-- | M] () - C:\WINDOWS\System32\mlfcache.dat [09/04/2008 08:09 AM | 00,000,380 | ---- | M] () - C:\WINDOWS\System32\IPSCtrl.INI [09/04/2008 08:09 AM | 00,025,355 | ---- | M] () - C:\WINDOWS\System32\PROCDB.INI [09/04/2008 08:09 AM | 00,561,880 | ---- | M] () - C:\WINDOWS\System32\oodbs.lor [1 C:\WINDOWS\*.tmp files] [06/10/2008 01:40 AM | 00,016,384 | ---- | M] () - C:\WINDOWS\PWMBTHLP.EXE [06/24/2008 10:35 AM | 00,001,479 | ---- | M] () - C:\WINDOWS\mozver.dat [08/06/2008 07:36 AM | 00,000,246 | ---- | M] () - C:\WINDOWS\system.ini [08/06/2008 07:36 AM | 00,000,610 | ---- | M] () - C:\WINDOWS\win.ini [08/22/2008 08:13 AM | 00,000,188 | ---- | M] () - C:\WINDOWS\x [08/28/2008 08:12 AM | 00,002,675 | ---- | M] () - C:\WINDOWS\imsins.BAK [08/28/2008 08:16 AM | 00,316,640 | ---- | M] () - C:\WINDOWS\WMSysPr9.prx [08/31/2008 12:21 PM | 00,000,051 | ---- | M] () - C:\WINDOWS\npornap.INI [09/04/2008 08:09 AM | 00,002,048 | --S- | M] () - C:\WINDOWS\bootstat.dat [08/28/2008 11:57 AM | 00,000,284 | ---- | M] () - C:\WINDOWS\tasks\AppleSoftwareUpdate.job [09/04/2008 08:09 AM | 00,000,006 | -H-- | M] () - C:\WINDOWS\tasks\SA.DAT [09/04/2008 08:10 AM | 00,000,316 | ---- | M] () - C:\WINDOWS\tasks\PMTask.job [09/04/2008 09:00 AM | 00,000,520 | ---- | M] () - C:\WINDOWS\tasks\Maintenance en 1 clic.job [09/04/2008 09:11 AM | 00,000,256 | ---- | M] () - C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job [08/28/2008 07:02 PM | 03,707,858 | -H-- | M] () - C:\Documents and Settings\Régis Granger\Local Settings\Application Data\IconCache.db [08/28/2008 08:20 AM | 00,069,240 | ---- | M] () - C:\Documents and Settings\Régis Granger\Local Settings\Application Data\GDIPFONTCACHEV1.DAT [09/03/2008 05:57 PM | 00,136,704 | ---- | M] () - C:\Documents and Settings\Régis Granger\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [06/16/2008 11:18 AM | 00,000,000 | -H-- | M] () - C:\Documents and Settings\Régis Granger\Mes documents\Default.rdp [07/18/2008 01:27 PM | 04,987,098 | ---- | M] () - C:\Documents and Settings\Régis Granger\Mes documents\Marionnette vivante.wmv [07/18/2008 01:32 PM | 00,176,740 | ---- | M] () - C:\Documents and Settings\Régis Granger\Mes documents\Vélib.gif [07/18/2008 01:32 PM | 01,492,992 | ---- | M] () - C:\Documents and Settings\Régis Granger\Mes documents\metro-agression-ridicule.mpg [07/18/2008 01:32 PM | 02,532,679 | ---- | M] () - C:\Documents and Settings\Régis Granger\Mes documents\autostopistas.zip [09/04/2008 08:46 AM | 00,000,592 | ---- | M] () - C:\Documents and Settings\Régis Granger\Mes documents\Mes dossiers de partage.lnk [06/13/2008 09:53 AM | 00,001,611 | ---- | M] () - C:\Documents and Settings\All Users\Bureau\QuickTime Player.lnk [07/23/2008 01:16 PM | 00,000,671 | ---- | M] () - C:\Documents and Settings\All Users\Bureau\Winamp.lnk [08/05/2008 11:47 AM | 00,001,609 | ---- | M] () - C:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk [08/05/2008 11:52 AM | 00,000,703 | ---- | M] () - C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk [08/22/2008 08:17 AM | 00,001,648 | ---- | M] () - C:\Documents and Settings\All Users\Bureau\ThinkVantage Productivity Center.lnk [06/16/2008 11:45 AM | 00,001,433 | ---- | M] () - C:\Documents and Settings\Régis Granger\Bureau\WM-RG Mes documents.LNK [08/01/2008 10:49 PM | 00,208,384 | ---- | M] (Paul McLain and Fred de Vries) - C:\Documents and Settings\Régis Granger\Bureau\JavaRa.exe [08/05/2008 11:54 AM | 00,001,870 | ---- | M] () - C:\Documents and Settings\Régis Granger\Bureau\Start Avira AntiVir Personal.lnk [08/06/2008 09:41 AM | 00,001,741 | ---- | M] () - C:\Documents and Settings\Régis Granger\Bureau\HijackThis.lnk [08/06/2008 12:37 PM | 00,059,632 | ---- | M] () - C:\Documents and Settings\Régis Granger\Bureau\JavaRa.zip [08/28/2008 07:13 PM | 00,001,555 | ---- | M] () - C:\Documents and Settings\Régis Granger\Bureau\CCleaner.lnk [09/03/2008 11:51 AM | 00,000,736 | ---- | M] () - C:\Documents and Settings\Régis Granger\Bureau\Audacity 1.3 Beta (Unicode).lnk [09/03/2008 12:22 PM | 00,001,514 | ---- | M] () - C:\Documents and Settings\Régis Granger\Bureau\Bloc-notes.lnk < End of report > @+, leredge.
  9. leredge
    Salut, merci pour ta réponse. En fait, j'ai attrapé un truc l'antivirus "Antivir" n'arrive pas à l'éliminer et non plus Malwarebytes Anti-Malware. Que faire ? Car mon ordi "tourne" entre 6 et 56 % en permanence. Cela ne se produisait pas auparavant... @+, leredge
  10. leredge
    Bonjour, comment ce fait-il que je n'est pas de réponse ? Merci de me répondre, leredge
  11. leredge
    Salut, je n'arrive pas à supprimer des éléments qui me ralentissent non système. J'ai effectué un rapport hjt et en voici son contenu ci-dessous. Pourriez-vous m'aider ? Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:44:41, on 02/09/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\ibmpmsvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\WINDOWS\system32\IPSSVC.EXE C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe C:\WINDOWS\system32\acs.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe C:\WINDOWS\system32\oodag.exe c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Lenovo\tvt_reg_monitor_svc.exe C:\WINDOWS\System32\TPHDEXLG.exe C:\WINDOWS\system32\TpKmpSVC.exe C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe C:\Program Files\Fichiers communs\Lenovo\Scheduler\tvtsched.exe C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE c:\program files\lenovo\system update\suservice.exe C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe C:\Program Files\Fichiers communs\Lenovo\Logger\logmon.exe C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe C:\Program Files\Lenovo\Client Security Solution\cssauth.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\rundll32.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe C:\WINDOWS\system32\TpShocks.exe C:\Program Files\ThinkPad\UltraNav Wizard\UNavTray.EXE C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Analog Devices\SoundMAX\Smax4.exe C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe C:\Program Files\ThinkVantage\AMSG\Amsg.exe C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe C:\Program Files\Lenovo\Zoom\TpScrex.exe C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe C:\Program Files\Lenovo\SafeGuard PrivateDisk\pdservice.exe C:\WINDOWS\system32\oodtray.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Fichiers communs\Lenovo\Scheduler\scheduler_proxy.exe C:\Program Files\Lenovo\AwayTask\AwaySch.EXE C:\PROGRA~1\THINKV~2\PrdCtr\LPMLCHK.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxsrvc.exe C:\WINDOWS\system32\igfxpers.exe C:\PROGRA~1\Lenovo\NPDIRECT\TPFNF7SP.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Lenovo\Client Security Solution\tvtpwm_tray.exe C:\Program Files\Free Download Manager\fdm.exe C:\Program Files\Free Download Manager\fum\fum.exe C:\Program Files\Free Download Manager\FUM\fumoei.exe C:\Program Files\Microsoft ActiveSync\wcescomm.exe C:\Program Files\Creative\Shared Files\CamTray.exe C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\PROGRA~1\MI3AA1~1\rapimgr.exe C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe C:\Program Files\Digital Line Detect\DLG.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll O2 - BHO: ThinkVantage Password Manager - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor O4 - HKLM\..\Run: rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper O4 - HKLM\..\Run: [TpShocks] TpShocks.exe O4 - HKLM\..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe O4 - HKLM\..\Run: [TP4EX] tp4ex.exe O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe O4 - HKLM\..\Run: [AMSG] C:\Program Files\ThinkVantage\AMSG\Amsg.exe O4 - HKLM\..\Run: [ACTray] C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe O4 - HKLM\..\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe O4 - HKLM\..\Run: [PDService.exe] "C:\Program Files\Lenovo\SafeGuard PrivateDisk\pdservice.exe" O4 - HKLM\..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program Files\Fichiers communs\Lenovo\Scheduler\scheduler_proxy.exe O4 - HKLM\..\Run: [cssauth] "C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silent O4 - HKLM\..\Run: [AwaySch] C:\Program Files\Lenovo\AwayTask\AwaySch.EXE O4 - HKLM\..\Run: [LPMailChecker] C:\PROGRA~1\THINKV~2\PrdCtr\LPMLCHK.exe O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [TPFNF7] C:\PROGRA~1\Lenovo\NPDIRECT\TPFNF7SP.exe /r O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun O4 - HKCU\..\Run: [Free Upload Manager] "C:\Program Files\Free Download Manager\fum\fum.exe" -autorun O4 - HKCU\..\Run: [Free Uploader Oe Integration] C:\Program Files\Free Download Manager\FUM\fumoei.exe O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" O4 - HKCU\..\Run: [Creative WebCam Tray] "C:\Program Files\Creative\Shared Files\CamTray.exe" O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe" autostart O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Envoyer à Bluetooth - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm O9 - Extra button: (no name) - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll O9 - Extra 'Tools' menuitem: ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Upload - {FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - C:\Program Files\Free Download Manager\FUM\fumiebtn.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {2DAD3559-2923-4935-AD49-B673D2539944} (IASRunner Class) - http://www-307.ibm.com/pc/support/acpir.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://redgetrebes.spaces.live.com/PhotoUpload/MsnPUpld.cab O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/a...gnerADP-1.1.cab O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshel...ronGameHost.cab O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing) O20 - Winlogon Notify: AwayNotify - C:\Program Files\Lenovo\AwayTask\AwayNotify.dll O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe O23 - Service: Atheros Configuration Service (acs) - Atheros - C:\WINDOWS\system32\acs.exe O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\WINDOWS\system32\ibmpmsvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Service de base IPS (IPSSVC) - Lenovo Group Limited - C:\WINDOWS\system32\IPSSVC.EXE O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe O23 - Service: Power Manager DBC Service - Unknown owner - C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe (file missing) O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\program files\lenovo\system update\suservice.exe O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files\Fichiers communs\Lenovo\tvt_reg_monitor_svc.exe O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.exe O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe O23 - Service: TSS Core Service (TSSCoreService) - IBM - C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe O23 - Service: TVT Scheduler - Lenovo Group Limited - C:\Program Files\Fichiers communs\Lenovo\Scheduler\tvtsched.exe O23 - Service: tvtnetwk - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe -- End of file - 15815 bytes Merci à vous ! leredge
  12. leredge
    Malwarebytes' Anti-Malware 1.24 Version de la base de données: 1026 Windows 5.1.2600 Service Pack 2 14:25:18 05/08/2008 mbam-log-8-5-2008 (14-25-12).txt Type de recherche: Examen complet (C:\|E:\|) Eléments examinés: 121383 Temps écoulé: 1 hour(s), 38 minute(s), 45 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 1 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 1 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowHelp (Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken. Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\System Volume Information\_restore{D44870F8-BB07-46F8-A47D-4CAF911022A6}\RP211\A0055044.exe (Adware.Rabio) -> No action taken. le deuxième : Malwarebytes' Anti-Malware 1.24 Version de la base de données: 1026 Windows 5.1.2600 Service Pack 2 14:25:22 05/08/2008 mbam-log-8-5-2008 (14-25-20).txt Type de recherche: Examen complet (C:\|E:\|) Eléments examinés: 121383 Temps écoulé: 1 hour(s), 38 minute(s), 45 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 1 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 1 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowHelp (Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken. Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\System Volume Information\_restore{D44870F8-BB07-46F8-A47D-4CAF911022A6}\RP211\A0055044.exe (Adware.Rabio) -> No action taken. et HJT : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 09:42:08, on 06/08/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16674) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\ibmpmsvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\WINDOWS\system32\IPSSVC.EXE C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe C:\WINDOWS\system32\acs.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe C:\WINDOWS\system32\oodag.exe c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Lenovo\tvt_reg_monitor_svc.exe C:\WINDOWS\System32\TPHDEXLG.exe C:\WINDOWS\system32\TpKmpSVC.exe C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe C:\Program Files\Fichiers communs\Lenovo\Scheduler\tvtsched.exe C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe c:\program files\lenovo\system update\suservice.exe C:\Program Files\Fichiers communs\Lenovo\Logger\logmon.exe C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe C:\Program Files\Lenovo\Client Security Solution\cssauth.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\rundll32.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe C:\WINDOWS\system32\TpShocks.exe C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe C:\Program Files\Analog Devices\SoundMAX\Smax4.exe C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe C:\Program Files\ThinkVantage\AMSG\Amsg.exe C:\Program Files\Lenovo\Zoom\TpScrex.exe C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe C:\Program Files\ThinkPad\UltraNav Wizard\UNavTray.EXE C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe C:\Program Files\Lenovo\SafeGuard PrivateDisk\pdservice.exe C:\WINDOWS\system32\oodtray.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Fichiers communs\Lenovo\Scheduler\scheduler_proxy.exe C:\Program Files\Lenovo\AwayTask\AwaySch.EXE C:\PROGRA~1\THINKV~2\PrdCtr\LPMLCHK.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxsrvc.exe C:\WINDOWS\system32\igfxpers.exe C:\PROGRA~1\Lenovo\NPDIRECT\TPFNF7SP.exe C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Free Download Manager\fdm.exe C:\Program Files\Free Download Manager\fum\fum.exe C:\Program Files\Free Download Manager\FUM\fumoei.exe C:\Program Files\Microsoft ActiveSync\wcescomm.exe C:\Program Files\Creative\Shared Files\CamTray.exe C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe C:\Program Files\Lenovo\Client Security Solution\tvtpwm_tray.exe C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\PROGRA~1\MI3AA1~1\rapimgr.exe C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe C:\Program Files\Digital Line Detect\DLG.exe C:\PROGRA~1\ThinkPad\BLUETO~1\BTSTAC~1.EXE C:\WINDOWS\system32\taskmgr.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll O2 - BHO: ThinkVantage Password Manager - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor O4 - HKLM\..\Run: rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper O4 - HKLM\..\Run: [TpShocks] TpShocks.exe O4 - HKLM\..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe O4 - HKLM\..\Run: [TP4EX] tp4ex.exe O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe O4 - HKLM\..\Run: [AMSG] C:\Program Files\ThinkVantage\AMSG\Amsg.exe O4 - HKLM\..\Run: [ACTray] C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe O4 - HKLM\..\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe O4 - HKLM\..\Run: [PDService.exe] "C:\Program Files\Lenovo\SafeGuard PrivateDisk\pdservice.exe" O4 - HKLM\..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program Files\Fichiers communs\Lenovo\Scheduler\scheduler_proxy.exe O4 - HKLM\..\Run: [cssauth] "C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silent O4 - HKLM\..\Run: [AwaySch] C:\Program Files\Lenovo\AwayTask\AwaySch.EXE O4 - HKLM\..\Run: [LPMailChecker] C:\PROGRA~1\THINKV~2\PrdCtr\LPMLCHK.exe O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [TPFNF7] C:\PROGRA~1\Lenovo\NPDIRECT\TPFNF7SP.exe /r O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun O4 - HKCU\..\Run: [Free Upload Manager] "C:\Program Files\Free Download Manager\fum\fum.exe" -autorun O4 - HKCU\..\Run: [Free Uploader Oe Integration] C:\Program Files\Free Download Manager\FUM\fumoei.exe O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" O4 - HKCU\..\Run: [Creative WebCam Tray] "C:\Program Files\Creative\Shared Files\CamTray.exe" O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe" autostart O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Envoyer à Bluetooth - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm O9 - Extra button: (no name) - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll O9 - Extra 'Tools' menuitem: ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Upload - {FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - C:\Program Files\Free Download Manager\FUM\fumiebtn.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {2DAD3559-2923-4935-AD49-B673D2539944} (IASRunner Class) - http://www-307.ibm.com/pc/support/acpir.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://redgetrebes.spaces.live.com/PhotoUpload/MsnPUpld.cab O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/a...gnerADP-1.1.cab O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshel...ronGameHost.cab O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing) O20 - Winlogon Notify: AwayNotify - C:\Program Files\Lenovo\AwayTask\AwayNotify.dll O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe O23 - Service: Atheros Configuration Service (acs) - Atheros - C:\WINDOWS\system32\acs.exe O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\WINDOWS\system32\ibmpmsvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Service de base IPS (IPSSVC) - Lenovo Group Limited - C:\WINDOWS\system32\IPSSVC.EXE O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe (file missing) O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\program files\lenovo\system update\suservice.exe O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files\Fichiers communs\Lenovo\tvt_reg_monitor_svc.exe O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.exe O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe O23 - Service: TSS Core Service (TSSCoreService) - IBM - C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe O23 - Service: TVT Scheduler - Lenovo Group Limited - C:\Program Files\Fichiers communs\Lenovo\Scheduler\tvtsched.exe O23 - Service: tvtnetwk - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe -- End of file - 15922 bytes ciao.
  13. leredge
    Salut, Voici le rapport deux rapports de mbam et le dernier de HJT. @+, leredge,
  14. leredge
    Suite à mon dernier message, rien n'a changé. A savoir que l'UC reste énormément utilisé quand l'ordi est connecté sur Internet. Que faire, te transmettre un nouveau rapport HijackThis ? @+, merci, leredge.
  15. leredge
    Salut, J'ai bien lu tes recommandations et j'en tiens compte. Pour conclure par rapport à mon problème, je suis conscient qu'il y a un problème avec teatimer. Cependant, si je l'arrête avec le gestionnaire de tâche, la fluctuation de l'utilisation du processeur reste identique. C'est-à-dire, une oscillation entre 4 et 50 % en permanence. je fais le changement des programmes conseiller par tes soins et je te dis. Merci, leredge.
  16. leredge
    Salut kutzman, voici ci-dessous le rapport demandé : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:27:08, on 02/08/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16674) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\ibmpmsvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\IPSSVC.EXE C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe C:\WINDOWS\system32\acs.exe C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe C:\WINDOWS\system32\oodag.exe c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Lenovo\tvt_reg_monitor_svc.exe C:\WINDOWS\System32\TPHDEXLG.exe C:\WINDOWS\system32\TpKmpSVC.exe C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe C:\Program Files\Fichiers communs\Lenovo\Scheduler\tvtsched.exe C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe c:\program files\lenovo\system update\suservice.exe C:\Program Files\Fichiers communs\Lenovo\Logger\logmon.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Lenovo\Client Security Solution\cssauth.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe C:\Program Files\Lenovo\Client Security Solution\tvtpwm_tray.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe C:\WINDOWS\system32\TpShocks.exe C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe C:\Program Files\Analog Devices\SoundMAX\Smax4.exe C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe C:\Program Files\ThinkVantage\AMSG\Amsg.exe C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\Program Files\Lenovo\SafeGuard PrivateDisk\pdservice.exe C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\oodtray.exe C:\Program Files\Lenovo\Zoom\TpScrex.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Fichiers communs\Lenovo\Scheduler\scheduler_proxy.exe C:\Program Files\Lenovo\AwayTask\AwaySch.EXE C:\PROGRA~1\THINKV~2\PrdCtr\LPMLCHK.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\PROGRA~1\Lenovo\NPDIRECT\TPFNF7SP.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Free Download Manager\fdm.exe C:\Program Files\Free Download Manager\fum\fum.exe C:\Program Files\Free Download Manager\FUM\fumoei.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Microsoft ActiveSync\wcescomm.exe C:\Program Files\Creative\Shared Files\CamTray.exe C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe C:\Program Files\Digital Line Detect\DLG.exe C:\PROGRA~1\MI3AA1~1\rapimgr.exe C:\PROGRA~1\ThinkPad\BLUETO~1\BTSTAC~1.EXE C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\taskmgr.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\DOCUME~1\RGISGR~1\LOCALS~1\Temp\Rar$EX00.281\HijackThis.exe C:\Program Files\WinRAR\WinRAR.exe C:\DOCUME~1\RGISGR~1\LOCALS~1\Temp\Rar$EX00.015\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll O2 - BHO: ThinkVantage Password Manager - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor O4 - HKLM\..\Run: rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper O4 - HKLM\..\Run: [TpShocks] TpShocks.exe O4 - HKLM\..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe O4 - HKLM\..\Run: [TP4EX] tp4ex.exe O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe O4 - HKLM\..\Run: [AMSG] C:\Program Files\ThinkVantage\AMSG\Amsg.exe O4 - HKLM\..\Run: [ACTray] C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe O4 - HKLM\..\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKLM\..\Run: [PDService.exe] "C:\Program Files\Lenovo\SafeGuard PrivateDisk\pdservice.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program Files\Fichiers communs\Lenovo\Scheduler\scheduler_proxy.exe O4 - HKLM\..\Run: [cssauth] "C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silent O4 - HKLM\..\Run: [AwaySch] C:\Program Files\Lenovo\AwayTask\AwaySch.EXE O4 - HKLM\..\Run: [LPMailChecker] C:\PROGRA~1\THINKV~2\PrdCtr\LPMLCHK.exe O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [TPFNF7] C:\PROGRA~1\Lenovo\NPDIRECT\TPFNF7SP.exe /r O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun O4 - HKCU\..\Run: [Free Upload Manager] "C:\Program Files\Free Download Manager\fum\fum.exe" -autorun O4 - HKCU\..\Run: [Free Uploader Oe Integration] C:\Program Files\Free Download Manager\FUM\fumoei.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" O4 - HKCU\..\Run: [Creative WebCam Tray] "C:\Program Files\Creative\Shared Files\CamTray.exe" O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe" autostart O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Envoyer à Bluetooth - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm O9 - Extra button: (no name) - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll O9 - Extra 'Tools' menuitem: ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Upload - {FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - C:\Program Files\Free Download Manager\FUM\fumiebtn.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {2DAD3559-2923-4935-AD49-B673D2539944} (IASRunner Class) - http://www-307.ibm.com/pc/support/acpir.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://redgetrebes.spaces.live.com/PhotoUpload/MsnPUpld.cab O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/a...gnerADP-1.1.cab O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshel...ronGameHost.cab O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing) O20 - Winlogon Notify: AwayNotify - C:\Program Files\Lenovo\AwayTask\AwayNotify.dll O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe O23 - Service: Atheros Configuration Service (acs) - Atheros - C:\WINDOWS\system32\acs.exe O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\WINDOWS\system32\ibmpmsvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Service de base IPS (IPSSVC) - Lenovo Group Limited - C:\WINDOWS\system32\IPSSVC.EXE O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe (file missing) O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\program files\lenovo\system update\suservice.exe O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files\Fichiers communs\Lenovo\tvt_reg_monitor_svc.exe O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.exe O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe O23 - Service: TSS Core Service (TSSCoreService) - IBM - C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe O23 - Service: TVT Scheduler - Lenovo Group Limited - C:\Program Files\Fichiers communs\Lenovo\Scheduler\tvtsched.exe O23 - Service: tvtnetwk - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe -- End of file - 16618 bytes
  17. leredge
    Salut, Je ne comprends pas, depuis une semaine mon UC fluctue entre 7 et 62 % et cela sans qu'aucune application "travaille". L'antivirus avast "tourne" en permanence. auparavant cela ne se faisait pas. entre temps, en déplacement j'ai configuré mon ordi pour se connecter par l'intermédiaire de "Wifirst" et ensuite une tentative non concluante chez "le neuf". pouvez-vous me dire qu'est-ce qui se passe ? Merci par avance.
  18. leredge
    Salut Gof, Je me suis absenté ces derniers jours. Il me semble respectueux de répondre à ta dernière question. Je n'ai plus aucun soucis de virus depuis une semaine. Je t'en remercie ainsi qu'à l'ensemble de l'équipe de Zebulon. Cependant, la mise en veille et la mise en veille prolongée ne fonctionne pas. Pour ce qui est des logiciel, la sauvegarde fonctionne seulement en mode automatisé et non manuelle. Je vais cherché pour les liens vers des pages web depuis un message transmis. A bientôt.
  19. leredge
    Gof, J'ai résolu le problème de de sauvegarde de mes données du disque dur. Ce que je veux dire, quand je reçois un courriel et dans lequel il comporte un lien vers un site web, ce dernier ne peux pas fonctionner. J'utilise seulement, l'antivirus AVAST, et je trouve pas l'action bloquant cette fonction. Peut-être, cela est dû à une option restée en mémoire dans mon ordi de l'ancien logiciel pare-feux Zonealarm ? D'ailleurs, lequel peux-tu me conseiller ? Merci encore, A bientôt.
  20. leredge
    Salut Gof, Il semble que depuis hier, tout ce passe bien. Cependant, en effectuant toutes ces procédures et, même celles avant de rentrer en relation avec toi, je n'arrive plus à activer un lien d'une page web depuis un message électronique, d'une part et d'autre part, la sauvegarde de mes données ne fonctionne plus avec le système ThinkVantage. Pourrais-tu me dire comment rétablir ces deux paramètres ? Par ailleurs, je te remercie de ton efficace aide. A bientôt.
  21. leredge
    Salut Gof, voici le rapport (très court) de Winseeker : WINSeeker 1.0B - bibi26 Fichier/dossier recherché : *.* Date recherchée : Aucune (jj/mm/aaaa) Répertoire à scanner : C:\WINDOWS\x (Récursif) --> Fichiers/Dossiers trouvés --> Fin du rapport A mon dernier message, je voulais dire, qu'en effet, j'utilise firefox comme navigateur par défaut et en regardant des pages web (sur le site rugbyrama) mon ordi à planté avec un message d'erreur de windows. Ce message me demande de redémarrer en mode sans échec. au redémarage, ce message ne peux l'envoyer sur le site de oca.windows. Hier, j'ai désinstallé firefox, redémarré, nettoyé avec CCleaner et réinstaller. Aussi, l'autre jour, j'ai oublié de te transmettre le rapport de Antivir, le voici : AntiVir PersonalEdition Classic Report file date: vendredi 18 janvier 2008 09:19 Scanning for 1036370 virus strains and unwanted programs. Licensed to: Avira AntiVir PersonalEdition Classic Serial number: 0000149996-ADJIE-0001 Platform: Windows XP Windows version: (Service Pack 2) [5.1.2600] Username: H.E.S.C Computer name: LENOVO Version information: BUILD.DAT : 269 15604 Bytes 10/09/2007 14:31:00 AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29 AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51 LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47 LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20 ANTIVIR0.VDF : 6.35.0.1 7371264 Bytes 31/05/2006 12:32:40 ANTIVIR1.VDF : 6.39.0.129 7251968 Bytes 10/07/2007 12:32:46 ANTIVIR2.VDF : 6.39.1.43 1542656 Bytes 25/08/2007 17:21:02 ANTIVIR3.VDF : 6.39.1.51 29696 Bytes 28/08/2007 07:22:36 AVEWIN32.DLL : 7.6.0.5 2789888 Bytes 29/08/2007 17:09:10 AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26 AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17 AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24 AVPACK32.DLL : 7.3.0.15 360488 Bytes 03/08/2007 08:46:00 AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06 AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33 AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18 NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42 RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13 RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37 SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21 Configuration settings for the scan: Jobname..........................: Manual Selection Configuration file...............: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\PROFILES\folder.avp Logging..........................: low Primary action...................: interactive Secondary action.................: ignore Scan master boot sector..........: off Scan boot sector.................: on Boot sectors.....................: C:, Scan memory......................: on Process scan.....................: on Scan registry....................: on Search for rootkits..............: off Scan all files...................: Intelligent file selection Scan archives....................: on Recursion depth..................: 20 Smart extensions.................: on Macro heuristic..................: on File heuristic...................: medium Start of the scan: vendredi 18 janvier 2008 09:19 The scan of running processes will be started Scan process 'avscan.exe' - '1' Module(s) have been scanned Scan process 'wscntfy.exe' - '1' Module(s) have been scanned Scan process 'avcenter.exe' - '1' Module(s) have been scanned Scan process 'avgnt.exe' - '1' Module(s) have been scanned Scan process 'avguard.exe' - '1' Module(s) have been scanned Scan process 'sched.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'iPodService.exe' - '1' Module(s) have been scanned Scan process 'WCESMgr.exe' - '1' Module(s) have been scanned Scan process 'BTSTAC~1.EXE' - '1' Module(s) have been scanned Scan process 'BTTray.exe' - '1' Module(s) have been scanned Scan process 'rapimgr.exe' - '1' Module(s) have been scanned Scan process 'TeaTimer.exe' - '1' Module(s) have been scanned Scan process 'PicasaMediaDetector.exe' - '1' Module(s) have been scanned Scan process 'fum.exe' - '1' Module(s) have been scanned Scan process 'wcescomm.exe' - '1' Module(s) have been scanned Scan process 'ctfmon.exe' - '1' Module(s) have been scanned Scan process 'zlclient.exe' - '0' Module(s) have been scanned Scan process 'ashDisp.exe' - '1' Module(s) have been scanned Scan process 'ACWLIcon.exe' - '1' Module(s) have been scanned Scan process 'ACTray.exe' - '1' Module(s) have been scanned Scan process 'igfxsrvc.exe' - '1' Module(s) have been scanned Scan process 'igfxpers.exe' - '1' Module(s) have been scanned Scan process 'hkcmd.exe' - '1' Module(s) have been scanned Scan process 'igfxtray.exe' - '1' Module(s) have been scanned Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned Scan process 'DLACTRLW.EXE' - '1' Module(s) have been scanned Scan process 'EZEJMNAP.EXE' - '1' Module(s) have been scanned Scan process 'LPMGR.EXE' - '1' Module(s) have been scanned Scan process 'pdservice.exe' - '1' Module(s) have been scanned Scan process 'smax4pnp.exe' - '1' Module(s) have been scanned Scan process 'jusched.exe' - '1' Module(s) have been scanned Scan process 'scheduler_proxy.exe' - '1' Module(s) have been scanned Scan process 'Amsg.exe' - '1' Module(s) have been scanned Scan process 'AwaySch.EXE' - '1' Module(s) have been scanned Scan process 'tpfnf7sp.exe' - '1' Module(s) have been scanned Scan process 'TpScrex.exe' - '1' Module(s) have been scanned Scan process 'TPONSCR.exe' - '1' Module(s) have been scanned Scan process 'tvtpwm_tray.exe' - '1' Module(s) have been scanned Scan process 'TPOSDSVC.exe' - '1' Module(s) have been scanned Scan process 'TpShocks.exe' - '1' Module(s) have been scanned Scan process 'SynTPEnh.exe' - '1' Module(s) have been scanned Scan process 'SynTPLpr.exe' - '1' Module(s) have been scanned Scan process 'rundll32.exe' - '1' Module(s) have been scanned Scan process 'DkIcon.exe' - '1' Module(s) have been scanned Scan process 'explorer.exe' - '1' Module(s) have been scanned Scan process 'cssauth.exe' - '1' Module(s) have been scanned Scan process 'wmiapsrv.exe' - '1' Module(s) have been scanned Scan process 'SvcGuiHlpr.exe' - '1' Module(s) have been scanned Scan process 'alg.exe' - '1' Module(s) have been scanned Scan process 'logmon.exe' - '1' Module(s) have been scanned Scan process 'AcSvc.exe' - '1' Module(s) have been scanned Scan process 'IUService.exe' - '1' Module(s) have been scanned Scan process 'tvtsched.exe' - '1' Module(s) have been scanned Scan process 'rrservice.exe' - '1' Module(s) have been scanned Scan process 'tvttcsd.exe' - '1' Module(s) have been scanned Scan process 'TpKmpSvc.exe' - '1' Module(s) have been scanned Scan process 'TPHDEXLG.exe' - '1' Module(s) have been scanned Scan process 'tvt_reg_monitor_svc.exe' - '1' Module(s) have been scanned Scan process 'SUService.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'oodag.exe' - '1' Module(s) have been scanned Scan process 'iviRegMgr.exe' - '1' Module(s) have been scanned Scan process 'inetinfo.exe' - '1' Module(s) have been scanned Scan process 'DkService.exe' - '1' Module(s) have been scanned Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned Scan process 'acs.exe' - '1' Module(s) have been scanned Scan process 'AcPrfMgrSvc.exe' - '1' Module(s) have been scanned Scan process 'IPSSVC.EXE' - '1' Module(s) have been scanned Scan process 'spoolsv.exe' - '1' Module(s) have been scanned Scan process 'ashServ.exe' - '1' Module(s) have been scanned Scan process 'aswUpdSv.exe' - '1' Module(s) have been scanned Scan process 'vsmon.exe' - '0' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'btwdins.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'ibmpmsvc.exe' - '1' Module(s) have been scanned Scan process 'lsass.exe' - '1' Module(s) have been scanned Scan process 'services.exe' - '1' Module(s) have been scanned Scan process 'winlogon.exe' - '1' Module(s) have been scanned Scan process 'csrss.exe' - '1' Module(s) have been scanned Scan process 'smss.exe' - '1' Module(s) have been scanned 83 processes with 83 modules were scanned Start scanning boot sectors: Boot sector 'C:\' [NOTE] No virus was found! Starting to scan the registry. The registry was scanned ( '65' files ). Starting the file scan: Begin scan in 'C:\' <Preload> C:\hiberfil.sys [WARNING] The file could not be opened! C:\pagefile.sys [WARNING] The file could not be opened! End of the scan: vendredi 18 janvier 2008 10:22 Used time: 1:02:48 min The scan has been done completely. 9393 Scanning directories 344320 Files were scanned 0 viruses and/or unwanted programs were found 0 Files were classified as suspicious: 0 files were deleted 0 files were repaired 0 files were moved to quarantine 0 files were renamed 2 Files cannot be scanned 344320 Files not concerned 8903 Archives were scanned 2 Warnings 6 Notes A bientôt.
  22. leredge
    Salut gof, voici les résultats correspondant à ton dernier message. WINSeeker 1.0B - bibi26 Fichier/dossier recherché : x Date recherchée : Aucune (jj/mm/aaaa) Répertoire à scanner : C:\WINDOWS (Non récursif) --> Fichiers/Dossiers trouvés - [Fichier] [Créé le 22/08/2007 15:25:36] [Modifié le 12/01/2008 15:25:36] [a----] C:\WINDOWS\x --> Fin du rapport Et, le second : # version=4 # OnlineScanner.ocx=1.0.0.56 # OnlineScannerDLLA.dll=1, 0, 0, 51 # OnlineScannerDLLW.dll=1, 0, 0, 51 # OnlineScannerUninstaller.exe=1, 0, 0, 49 # vers_standard_module=2806 (20080118) # vers_arch_module=1.063 (20080117) # vers_adv_heur_module=1.060 (20070601) # EOSSerial=8e2501dc454fc947a44341380cb22c0b # end=finished # remove_checked=false # unwanted_checked=true # utc_time=2008-01-19 07:40:44 # local_time=2008-01-19 08:40:44 (+0100, Paris, Madrid) # country="France" # osver=5.1.2600 NT Service Pack 2 # scanned=373250 # found=0 # scan_time=28179 Un renseignement peut-être ayant un intérêt. Si nous le trouvons pas, aujourd'hui, j'ai reçu un message d'erreur et pour lequel il c'est produit à la suite d'un eouverture d'une page web avec firefox. L'ordi. s'est redémarré tous seul sans pouvoir envoyer ce message d'erreur. A bientôt.
  23. leredge
    Salut Gof, voici le rapport de hijackthis, n'ayant pas trouver ce virus trojan dénommé vundo. Aussi, le rapport de diaghelp. Pour info., au cours de sa procédure Antivir à trouver un autre virus trojan "horse" par l'execution du fichier bohtbefj.dll Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:10:26, on 16/01/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16574) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\ibmpmsvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\system32\IPSSVC.EXE C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe C:\WINDOWS\system32\acs.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe C:\WINDOWS\system32\inetsrv\inetinfo.exe C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe C:\WINDOWS\system32\svchost.exe c:\program files\lenovo\system update\suservice.exe C:\Program Files\Fichiers communs\Lenovo\tvt_reg_monitor_svc.exe C:\WINDOWS\System32\TPHDEXLG.exe C:\WINDOWS\system32\TpKmpSVC.exe C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe C:\Program Files\Fichiers communs\Lenovo\Scheduler\tvtsched.exe C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe C:\Program Files\Fichiers communs\Lenovo\Logger\logmon.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\System32\alg.exe C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\Lenovo\Client Security Solution\cssauth.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\rundll32.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\system32\TpShocks.exe C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe C:\Program Files\Lenovo\PkgMgr\HOTKEY_1\TpScrex.exe C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe C:\Program Files\Lenovo\AwayTask\AwaySch.EXE C:\Program Files\ThinkVantage\AMSG\Amsg.exe C:\Program Files\Fichiers communs\Lenovo\Scheduler\scheduler_proxy.exe C:\Program Files\Lenovo\Client Security Solution\tvtpwm_tray.exe C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Lenovo\SafeGuard PrivateDisk\pdservice.exe C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe C:\WINDOWS\System32\DLA\DLACTRLW.EXE C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\ZoneAlarm\zlclient.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Microsoft ActiveSync\Wcescomm.exe C:\Program Files\Free Download Manager\fum\fum.exe C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\PROGRA~1\MI3AA1~1\rapimgr.exe C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe C:\PROGRA~1\ThinkPad\BLUETO~1\BTSTAC~1.EXE C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe C:\PROGRA~1\ZONEAL~1\MAILFR~1\mantispm.exe C:\Program Files\OO Software\Defrag Professional\oodcnt.exe C:\WINDOWS\system32\oodag.exe C:\WINDOWS\system32\taskmgr.exe C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Winamp\winamp.exe C:\PROGRA~1\FREEDO~1\fdm.exe C:\Program Files\HijackThis\HijackThis.exe C:\WINDOWS\system32\wbem\wmiprvse.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: BHO Barre de Confiance - {988B07F5-7392-455A-8A1F-64935CB8B6ED} - C:\Program Files\BarreConfCMCIC\TAPBar.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll O2 - BHO: CPwmIEBrowserHelper Object - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll O3 - Toolbar: Barre de confiance - {55BDF3B0-C0A8-481A-B8A6-01CD2BE0F3FD} - C:\Program Files\BarreConfCMCIC\TAPBar.dll O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor O4 - HKLM\..\Run: rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [TpShocks] TpShocks.exe O4 - HKLM\..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe" O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper O4 - HKLM\..\Run: [TPFNF7] C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe /r O4 - HKLM\..\Run: [AwaySch] C:\Program Files\Lenovo\AwayTask\AwaySch.EXE O4 - HKLM\..\Run: [AMSG] C:\Program Files\ThinkVantage\AMSG\Amsg.exe O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program Files\Fichiers communs\Lenovo\Scheduler\scheduler_proxy.exe O4 - HKLM\..\Run: [TP4EX] tp4ex.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [PDService.exe] "C:\Program Files\Lenovo\SafeGuard PrivateDisk\pdservice.exe" O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE O4 - HKLM\..\Run: [cssauth] "C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silent O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [ACTray] C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe O4 - HKLM\..\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe" O4 - HKCU\..\Run: [Free Upload Manager] "C:\Program Files\Free Download Manager\fum\fum.exe" -autorun O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: BTTray.lnk = ? O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm O9 - Extra button: (no name) - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll O9 - Extra 'Tools' menuitem: ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {6CCE3920-3183-4B3D-808A-B12EB769DE12} (CSS Web Installer Class) - http://www.commandondemand.com/eval/cod/cabs/cssweb.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1183127923437 O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.inoculer.com/antivirus/Msie/bitdefender.cab O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshel...ronGameHost.cab O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing) O20 - Winlogon Notify: AwayNotify - C:\Program Files\Lenovo\AwayTask\AwayNotify.dll O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe O23 - Service: Atheros Configuration Service (acs) - Atheros - C:\WINDOWS\system32\acs.exe O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\WINDOWS\system32\ibmpmsvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Service de base IPS (IPSSVC) - Lenovo Group Limited - C:\WINDOWS\system32\IPSSVC.EXE O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe (file missing) O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\program files\lenovo\system update\suservice.exe O23 - Service: ThinkVantage Registry Monitor Service - Unknown owner - C:\Program Files\Fichiers communs\Lenovo\tvt_reg_monitor_svc.exe O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.exe O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe O23 - Service: TSS Core Service (TSSCoreService) - IBM - C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe O23 - Service: TVT Scheduler - Lenovo Group Limited - C:\Program Files\Fichiers communs\Lenovo\Scheduler\tvtsched.exe O23 - Service: tvtnetwk - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe -- End of file - 16449 bytes DiagHelp version v1.4 - http://www.malekal.com excute le 17/01/2008 à 5:11:08,03 Liste des derniers fichies modifies/crees dans windir\system32 et prefetch C:\WINDOWS\prefetch\CHCP.COM-18156052.pf -->17/01/2008 05:11:04 C:\WINDOWS\prefetch\CMD.EXE-087B4001.pf -->17/01/2008 05:10:55 C:\WINDOWS\prefetch\IMAPI.EXE-0BF740A4.pf -->17/01/2008 05:09:40 C:\WINDOWS\prefetch\WINAMP.EXE-0D0189CA.pf -->17/01/2008 05:08:50 C:\WINDOWS\prefetch\FIREFOX.EXE-28641590.pf -->17/01/2008 05:03:29 C:\WINDOWS\prefetch\MANTISPM.EXE-235B57C1.pf -->17/01/2008 05:01:36 C:\WINDOWS\prefetch\OUTLOOK.EXE-39385AAC.pf -->17/01/2008 05:00:46 C:\WINDOWS\prefetch\AVAST.SETUP-032170A8.pf -->17/01/2008 04:59:26 C:\WINDOWS\prefetch\NET1.EXE-029B9DB4.pf -->17/01/2008 04:59:11 C:\WINDOWS\prefetch\NET.EXE-01A53C2F.pf -->17/01/2008 04:59:11 C:\WINDOWS\System32\drivers\fidbox.idx -->16/01/2008 08:50:59 C:\WINDOWS\System32\drivers\fidbox.dat -->16/01/2008 08:50:59 C:\WINDOWS\System32\drivers\avipbb.sys -->12/01/2008 13:48:59 C:\WINDOWS\System32\drivers\klin.dat -->05/01/2008 14:43:20 C:\WINDOWS\System32\drivers\klick.dat -->05/01/2008 14:43:20 C:\WINDOWS\System32\drivers\aswmon.sys -->04/12/2007 15:56:02 C:\WINDOWS\System32\drivers\aswmon2.sys -->04/12/2007 15:55:46 C:\WINDOWS\System32\TPAPSLOG.LOG -->17/01/2008 04:59:20 C:\WINDOWS\System32\wpa.dbl -->17/01/2008 04:56:10 C:\WINDOWS\System32\PROCDB.INI -->17/01/2008 04:55:16 C:\WINDOWS\System32\vsconfig.xml -->17/01/2008 04:55:15 C:\WINDOWS\System32\TPHDLOG0.LOG -->17/01/2008 04:54:55 C:\WINDOWS\System32\IPSCtrl.INI -->17/01/2008 04:54:45 C:\WINDOWS\System32\PerfStringBackup.INI -->15/01/2008 14:01:53 C:\WINDOWS\System32\perfh00C.dat -->15/01/2008 14:01:53 C:\WINDOWS\System32\perfh009.dat -->15/01/2008 14:01:53 C:\WINDOWS\System32\perfc00C.dat -->15/01/2008 14:01:53 C:\WINDOWS\System32\perfc009.dat -->15/01/2008 14:01:53 C:\WINDOWS\System32\CONFIG.NT -->13/01/2008 22:42:32 C:\WINDOWS\System32\EGATHDRV.SYS -->13/01/2008 C:\WINDOWS\System32\encobject.dat -->12/01/2008 20:58:40 C:\WINDOWS\System32\OODBS.lor -->12/01/2008 11:41:03 C:\WINDOWS\System32\AUTOEXEC.NT -->12/01/2008 10:27:21 C:\WINDOWS\System32\zllictbl.dat -->11/01/2008 02:24:06 C:\WINDOWS\System32\tmp.txt -->08/01/2008 00:49:26 C:\WINDOWS\System32\tmp.reg -->08/01/2008 00:49:26 C:\WINDOWS\System32\IEDFix.exe -->20/12/2007 23:11:52 C:\WINDOWS\System32\TZLog.log -->12/12/2007 12:36:42 C:\WINDOWS\System32\aswBoot.exe -->04/12/2007 14:04:28 C:\WINDOWS\System32\AvastSS.scr -->04/12/2007 13:54:04 C:\WINDOWS\System32\tzchange.exe -->13/11/2007 12:31:11 C:\WINDOWS\System32\lsasrv.dll -->07/11/2007 10:50:06 C:\WINDOWS\setupapi.log -->17/01/2008 04:59:10 C:\WINDOWS\QTFont.qfn -->17/01/2008 04:57:10 C:\WINDOWS\WindowsUpdate.log -->17/01/2008 04:55:55 C:\WINDOWS\wiadebug.log -->17/01/2008 04:54:53 C:\WINDOWS\wiaservc.log -->17/01/2008 04:54:52 C:\WINDOWS.log -->17/01/2008 04:54:33 C:\WINDOWS\bootstat.dat -->17/01/2008 04:54:31 C:\WINDOWS\SchedLgU.Txt -->17/01/2008 04:30:08 C:\WINDOWS\setuplog.txt -->15/01/2008 18:10:39 C:\WINDOWS\ntbtlog.txt -->15/01/2008 13:59:19 C:\WINDOWS\QTFont.for -->13/01/2008 04:45:21 C:\WINDOWS\setupact.log -->12/01/2008 11:26:08 C:\WINDOWS\x -->12/01/2008 10:30:50 C:\WINDOWS\system.ini -->12/01/2008 10:27:21 C:\WINDOWS\AvxOnline.log -->12/01/2008 07:27:51 winlogon.exe Verified: Signed svchost.exe Verified: Signed ws2_32.dll Verified: Signed user32.dll Verified: Signed tcpip.sys Verified: Signed ndis.sys Verified: Signed null.sys Verified: Signed ListDLLs v2.25 - DLL lister for Win9x/NT Copyright © 1997-2004 Mark Russinovich Sysinternals - www.sysinternals.com ------------------------------------------------------------------------------ explorer.exe pid: 3904 Command line: C:\WINDOWS\Explorer.EXE Base Size Version Path 0x44080000 0xcf000 7.00.6000.16574 C:\WINDOWS\system32\WININET.dll 0x00400000 0x9000 6.00.5441.0000 C:\WINDOWS\system32\Normaliz.dll 0x43e00000 0x45000 7.00.6000.16574 C:\WINDOWS\system32\iertutil.dll 0x58b50000 0x9a000 5.82.2900.2982 C:\WINDOWS\system32\comctl32.dll 0x76f80000 0x7f000 2001.12.4414.0308 C:\WINDOWS\system32\CLBCATQ.DLL 0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll 0x76ac0000 0x11000 3.05.2284.0000 C:\WINDOWS\system32\ATL.DLL 0x44160000 0x127000 7.00.6000.16574 C:\WINDOWS\system32\urlmon.dll 0x44360000 0x5cd000 7.00.6000.16574 C:\WINDOWS\system32\ieframe.dll 0x7d200000 0x2be000 3.01.4000.4039 C:\WINDOWS\system32\msi.dll 0x442b0000 0x3c000 7.00.6000.16574 C:\WINDOWS\system32\webcheck.dll 0x164a0000 0x23000 5.02.5721.5145 C:\WINDOWS\system32\WPDShServiceObj.dll 0x10000000 0x11000 5.01.0000.3100 C:\WINDOWS\system32\btncopy.dll 0x109c0000 0x2c000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceTypes.dll 0x10930000 0x49000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceApi.dll 0x00c90000 0x33000 1.00.0000.0000 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL 0x5f800000 0xf2000 6.02.8071.0000 C:\WINDOWS\system32\MFC42u.DLL 0x61d70000 0xe000 6.00.8665.0000 C:\WINDOWS\system32\MFC42LOC.DLL 0x00c70000 0xc000 C:\PROGRA~1\ThinkPad\UTILIT~1\FR\PWRMGRRT.DLL 0x00dd0000 0x12000 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRIF.DLL 0x00e00000 0x7000 1.53.0000.0001 C:\WINDOWS\system32\Sensor.dll 0x63000000 0x14000 7.05.0017.0024 C:\WINDOWS\system32\SynTPFcs.dll 0x02580000 0x96000 2.00.0000.0000 C:\Program Files\Lenovo\Client Security Solution\tvtpwm_windows_hook.dll 0x01390000 0x15000 5.01.0000.3100 C:\WINDOWS\system32\btmmhook.dll 0x01200000 0x10000 8.00.0000.0456 C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll 0x78130000 0x9b000 8.00.50727.0762 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll 0x027e0000 0x11a000 1.05.0000.0008 C:\PROGRA~1\SPYBOT~1\SDHelper.dll 0x01ae0000 0x1c000 5.20.0019.0000 C:\WINDOWS\System32\DLA\DLASHX_W.DLL 0x01de0000 0xf000 5.20.0019.0000 C:\WINDOWS\system32\DLAAPI_W.DLL 0x02fe0000 0x9c000 5.20.0019.0000 C:\WINDOWS\System32\DLA\DLACResW.dll 0x6d7c0000 0x79000 6.00.0020.0006 C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll 0x7c340000 0x56000 7.10.3052.0004 C:\Program Files\Java\jre1.6.0_02\bin\MSVCR71.dll 0x6bd10000 0x10000 12.00.4518.1014 C:\Program Files\Microsoft Office\Office12\msohevi.dll 0x24000000 0x7000 5.00.0006.8903 C:\PROGRA~1\ZONEAL~1\MAILFR~1\mlfhook.dll 0x3c000000 0xf1000 5.00.0006.8903 C:\PROGRA~1\ZONEAL~1\MAILFR~1\mlfoshim.dll 0x621f0000 0x1f000 1.00.2536.0000 C:\WINDOWS\system32\MAPI32.dll 0x00a60000 0x15000 5.00.0006.8903 C:\PROGRA~1\ZONEAL~1\MAILFR~1\crsrpt.dll 0x7c080000 0x77000 7.00.9466.0000 C:\PROGRA~1\ZONEAL~1\MAILFR~1\MSVCP70.dll 0x7c000000 0x54000 7.00.9466.0000 C:\PROGRA~1\ZONEAL~1\MAILFR~1\MSVCR70.dll 0x5c3b0000 0xb5000 1.00.0000.5325 c:\windows\srchasst\srchui.dll 0x74bf0000 0x2c000 4.02.5406.0000 C:\WINDOWS\system32\OLEACC.dll 0x76010000 0x65000 6.02.3104.0000 C:\WINDOWS\system32\MSVCP60.dll 0x5c480000 0x12000 1.00.0000.5325 c:\windows\srchasst\srchctls.dll 0x74730000 0x3d000 3.525.1117.0000 C:\WINDOWS\system32\ODBC32.dll 0x02b90000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll 0x60510000 0x18000 2.00.50727.0042 C:\WINDOWS\system32\dfshim.dll 0x79000000 0x45000 2.00.50727.0253 C:\WINDOWS\system32\mscoree.dll 0x5a500000 0x50000 8.05.1302.1018 C:\Program Files\Windows Live\Messenger\fsshext.8.5.1302.1018.dll 0x01f00000 0xf000 C:\Program Files\ThinkPad\Bluetooth Software\btkeyind.dll 0x03a90000 0x9e000 2.00.0000.0000 C:\Program Files\Lenovo\Client Security Solution\tvtpwm_keyboard_hook.dll 0x03b30000 0x1d7000 2.00.0000.0000 C:\Program Files\Lenovo\Client Security Solution\tvt_passwordmanager.dll 0x03d10000 0xa8000 1.10.0051.0000 C:\Program Files\Fichiers communs\Lenovo\tvt_banner.dll 0x01f60000 0x11000 C:\Program Files\Lenovo\HOTKEY\hkvolkey.dll 0x04cb0000 0x5b000 8.01.0000.0000 C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.dll 0x04d10000 0x4c000 8.00.0000.0000 C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA 0x52200000 0xb000 7.00.0362.0000 C:\Program Files\ZoneAlarm\zlavscan.dll 0x035d0000 0x4000 5.03.0017.0000 C:\Program Files\ZoneAlarm\zlavscan_Loc040c.dll 0x04d60000 0x2c000 C:\Program Files\WinRAR\rarext.dll 0x05190000 0x11000 7.00.0000.0010 C:\Program Files\Avira\AntiVir PersonalEdition Classic\shlext.dll 0x051b0000 0x102000 7.10.3077.0000 C:\Program Files\Avira\AntiVir PersonalEdition Classic\MFC71U.DLL 0x5d360000 0xf000 7.10.6030.0000 C:\WINDOWS\system32\MFC71FRA.DLL 0x1c600000 0x7000 1.19.0000.0001 C:\Program Files\Lenovo\SafeGuard PrivateDisk\pdshell.dll 0x1c000000 0xe6000 1.19.0000.0002 C:\Program Files\Lenovo\SafeGuard PrivateDisk\PDLib.dll 0x7c3c0000 0x7c000 7.10.6030.0000 C:\WINDOWS\system32\MSVCP71.dll 0x053e0000 0x138000 1.19.0000.0001 C:\Program Files\Lenovo\SafeGuard PrivateDisk\PDLib040c.dll 0x03a80000 0x3000 1.19.0000.0001 C:\Program Files\Lenovo\SafeGuard PrivateDisk\PDShell040c.dll 0x64f00000 0x12000 4.07.1098.0000 C:\Program Files\Alwil Software\Avast4\ashShell.dll 0x5b660000 0xd000 6.00.3800.2180 C:\WINDOWS\system32\twext.dll ListDLLs v2.25 - DLL lister for Win9x/NT Copyright © 1997-2004 Mark Russinovich Sysinternals - www.sysinternals.com ------------------------------------------------------------------------------ winlogon.exe pid: 300 Command line: winlogon.exe Base Size Version Path 0x01000000 0x81000 \??\C:\WINDOWS\system32\winlogon.exe 0x58b50000 0x9a000 5.82.2900.2982 C:\WINDOWS\system32\COMCTL32.dll 0x74730000 0x3d000 3.525.1117.0000 C:\WINDOWS\system32\ODBC32.dll 0x20000000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll 0x30e30000 0x9a000 5.06.0002.3649 C:\WINDOWS\system32\vrlogon.dll 0x78130000 0x9b000 8.00.50727.0762 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll 0x10000000 0x8f000 1.02.0058.0000 C:\WINDOWS\system32\tvt_gina.dll 0x00ce0000 0x21a000 7.00.0051.0000 C:\Program Files\Lenovo\Client Security Solution\css_gina_plugin.dll 0x00f00000 0xd9000 7.00.0051.0000 C:\Program Files\Lenovo\Client Security Solution\css_wait_bar.dll 0x01090000 0x40000 7.00.0051.0000 C:\Program Files\Lenovo\Client Security Solution\cssuserdatadispatcher.dll 0x010d0000 0x1ce000 7.00.0051.0000 C:\Program Files\Lenovo\Client Security Solution\csswait.dll 0x012a0000 0xa8000 1.10.0051.0000 C:\Program Files\Fichiers communs\Lenovo\tvt_banner.dll 0x01350000 0x107000 7.00.0051.0000 C:\Program Files\Lenovo\Client Security Solution\cssdlgpwentry.dll 0x01460000 0x10f000 7.00.0051.0000 C:\Program Files\Lenovo\Client Security Solution\dlganswerprompt.dll 0x01570000 0x55000 1.01.0003.0006 C:\Program Files\Lenovo\Client Security Solution\tvttsp.dll 0x015d0000 0xa2000 1.01.0003.0006 C:\Program Files\Lenovo\Client Security Solution\tcsrpc.dll 0x018c0000 0x859000 1.10.0051.0000 C:\Program Files\Fichiers communs\Lenovo\tvt_res.dll 0x7c140000 0x106000 7.10.6030.0000 C:\WINDOWS\system32\MFC71.DLL 0x7c360000 0x56000 7.10.6030.0000 C:\WINDOWS\system32\MSVCR71.dll 0x5d360000 0xf000 7.10.6030.0000 C:\WINDOWS\system32\MFC71FRA.DLL 0x316b0000 0x3c000 5.06.0002.3649 C:\Program Files\ThinkVantage Fingerprint Software\pscssint.dll 0x30000000 0x4b000 5.06.0002.3649 C:\Program Files\ThinkVantage Fingerprint Software\infra.dll 0x31bb0000 0x11000 5.06.0002.3649 C:\Program Files\ThinkVantage Fingerprint Software\VTI.DLL 0x023e0000 0x8000 4.04.0002.0001 C:\Program Files\ThinkPad\ConnectUtilities\ACNotify.dll 0x023f0000 0x23000 4.04.0002.0001 C:\Program Files\ThinkPad\ConnectUtilities\AcSvcStub.dll 0x0a000000 0x2b000 4.04.0002.0001 C:\Program Files\ThinkPad\ConnectUtilities\AcLocSettings.dll 0x7c3c0000 0x7c000 7.10.6030.0000 C:\WINDOWS\system32\MSVCP71.dll 0x02420000 0x16000 4.04.0002.0001 C:\Program Files\ThinkPad\ConnectUtilities\ACHelper.dll 0x02480000 0x1a000 5.06.0002.3649 C:\WINDOWS\system32\psqlpwd.dll 0x31320000 0x115000 5.06.0002.3649 C:\Program Files\ThinkVantage Fingerprint Software\homefus2.dll 0x74da0000 0x6c000 5.30.0023.1228 C:\WINDOWS\system32\RICHED20.DLL 0x30280000 0x30f000 5.06.0002.3649 C:\Program Files\ThinkVantage Fingerprint Software\homepass.dll 0x30680000 0x263000 5.06.0002.3649 C:\Program Files\ThinkVantage Fingerprint Software\bio.dll 0x31690000 0xb000 5.06.0002.3649 C:\Program Files\ThinkVantage Fingerprint Software\ps2css.dll 0x03330000 0xc7000 5.06.0002.3649 C:\Program Files\ThinkVantage Fingerprint Software\remote.dll 0x031e0000 0x7000 C:\Program Files\Lenovo\HOTKEY\tphklock.dll 0x03400000 0x3b000 1.07.0018.0005 C:\WINDOWS\system32\WgaLogon.dll 0x76f80000 0x7f000 2001.12.4414.0308 C:\WINDOWS\system32\CLBCATQ.DLL 0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll 0x30200000 0x5a000 5.06.0002.3649 C:\Program Files\ThinkVantage Fingerprint Software\crypto.dll 0x035a0000 0xd000 2.00.0000.0000 C:\Program Files\Lenovo\AwayTask\AwayNotify.dll Le volume dans le lecteur C s'appelle Preload Le numéro de série du volume est C85C-239C Répertoire de C:\WINDOWS\system32 05/08/2004 13:00 6 144 csrss.exe 1 fichier(s) 6 144 octets 0 Rép(s) 26 073 346 048 octets libres Contenu de Downloaded Program Files Le volume dans le lecteur C s'appelle Preload Le numéro de série du volume est C85C-239C Répertoire de C:\WINDOWS\Downloaded Program Files 12/01/2008 06:51 <REP> . 12/01/2008 06:51 <REP> .. 21/03/2002 15:26 815 bitdefender.inf 30/01/2003 16:52 348 160 bitdefender.ocx 05/03/2007 15:57 194 024 cssweb.dll 05/03/2007 15:57 368 cssweb.inf 05/03/2007 15:57 16 872 csswlng.dll 26/01/2006 22:52 65 desktop.ini 25/07/2002 17:13 24 576 dwusplay.dll 25/07/2002 17:13 196 608 dwusplay.exe 23/03/2007 11:17 1 292 erma.inf 12/07/2000 02:02 36 864 fxfileop.dll 27/07/2004 15:48 323 584 isusweb.dll 16/04/2007 21:50 295 muweb.inf 15/06/2007 08:02 632 392 OberonGameHost.dll 15/06/2007 08:01 332 OberonGameHost_dbg.inf 14/02/2007 15:30 144 setup.inf 31/10/2001 10:37 118 uninst.bat 16 fichier(s) 1 776 509 octets Total des fichiers listés : 16 fichier(s) 1 776 509 octets 2 Rép(s) 26 073 346 048 octets libres Recherche de rootkit! (Merci S!Ri) Recherche d'infections connues Export des clefs sensibles.. Liste des fichiers en exception sur le pare-feu XP SP2 "C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:*:Enabled:ActiveSync RAPI Manager" "C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager" "C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application" "C:\\WINDOWS\\system32\\rundll32.exe"="C:\\WINDOWS\\system32\\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager" "C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager" "C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application" Export de la clef SharedTaskScheduler [sharedTaskScheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant" exports des policies REGEDIT4 [system] "dontdisplaylastusername"=dword:00000000 "legalnoticecaption"="" "legalnoticetext"="" "shutdownwithoutlogon"=dword:00000001 "undockwithoutlogon"=dword:00000001 Export des clefs sensibles.. Rechercher adresses sensibles dans le fichier HOSTS... 127.0.0.1 activexupdate.com 127.0.0.1 www.activexupdate.com 127.0.0.1 avpcheckupdate.com 127.0.0.1 www.avpcheckupdate.com 127.0.0.1 client.exeupdate.com 127.0.0.1 eupdatepage.com 127.0.0.1 www.eupdatepage.com 127.0.0.1 exeupdate.com 127.0.0.1 www.exeupdate.com 127.0.0.1 hotwinupdates.com 127.0.0.1 www.hotwinupdates.com 127.0.0.1 lavasoftupdate.com 127.0.0.1 www.lavasoftupdate.com 127.0.0.1 malwarewipeupdate.com 127.0.0.1 www.malwarewipeupdate.com 127.0.0.1 msupdate.net 127.0.0.1 www.msupdate.net 127.0.0.1 msupdater.net 127.0.0.1 www.msupdater.net 127.0.0.1 necessaryupdates.com 127.0.0.1 www.necessaryupdates.com 127.0.0.1 newupdates.lzio.com 127.0.0.1 redirect.msupdate.net 127.0.0.1 search.keyword.exeupdate.com 127.0.0.1 securityupdatesite.com 127.0.0.1 www.securityupdatesite.com 127.0.0.1 settings.updatemysettings.com 127.0.0.1 spyaxeupdate.com 127.0.0.1 www.spyaxeupdate.com 127.0.0.1 spyfalconupdate.com 127.0.0.1 www.spyfalconupdate.com 127.0.0.1 systemupdates.net 127.0.0.1 www.systemupdates.net 127.0.0.1 trial.updates.winsoftware.com 127.0.0.1 updatemysettings.com 127.0.0.1 www.updatemysettings.com 127.0.0.1 updates.spywarequake.com 127.0.0.1 urgentsystemupdate.biz 127.0.0.1 www.urgentsystemupdate.biz 127.0.0.1 urgentsystemupdate.com 127.0.0.1 www.urgentsystemupdate.com 127.0.0.1 windupdates.com 127.0.0.1 update.680180.net 127.0.0.1 pandaantivirus-2007.com 127.0.0.1 www.pandaantivirus-2007.com 127.0.0.1 pandadownload-now.com 127.0.0.1 www.pandadownload-now.com 127.0.0.1 panda-hq.com 127.0.0.1 www.panda-hq.com catchme 0.3.1319 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-01-17 05:13:44 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden services & system hive ... IPC error: 2 Le fichier spécifié est introuvable. scanning hidden registry entries ... [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System] "OODEFRAG08.00.00.01WORKSTATION"="CAEF4D2226E40E4F3FE4AA3B10BACE5A066E36594C3B3BAF94793C5709B0ED8A9BD6B2A7710206280F9713C081338B9ABF464B4A64C5E85C895CBAA7EADE6FC38C9CC2498DBC6F3DF4AEE351FD815DD5580DEA88C84C069B204D322309A05CC604296F562CA2483891E28E39C09511C3C974A77DDDC152D0CC11F5F0909204C210736A53611210B62C03C97A6736F88F35BD58C769718FD428FE1E6A8FA0BA5D620A2E7627C1CBCAAD718BC7F4FBEAD7DA4116B719F884736C03831EFC105730CD0DF42D5B36057B2425948B4FD1C0FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC7933FEBC9E127BECC74CBA7FD869164D6794A6171C11EC38DE3D3B1E9FB87C8DF3AE3D70242FB68967D31F6C21E8EFC05599C339AD76783AC1ABF615B4B9BE6FDE812A179802F4E7D20804139FBD02554ED536FD393848C6F7F5B2EA09E6B96E24371D15CBC73FEFDA9BA3F90851E6C43646900788EFEC308308BF4C369590C04172D4CE2E56B5DEE401C8E13D19DCF6F54D4A0D16D362A5F156648A685C997D0B570250C0462E58A92EB22C364E54374C524D6CEB5FD6BBA8D7D89A631962A4A90ECB461B75AFE0369B94DF7F72F4B4C93D7BA42BD1AC6A5B88CA157A6B299597434C02E504F6E4EAC795A7B64396035580A8D909AEFA8F96685AB617B6E097A6A7907ADF58F5327CB3D054904BC71B280C1DD24C3C8B69397A9CE037A3B2D2F8EF1BC7DA9BCFF973655556D35148554FD6147D5207DC9D74C61A976C1FF8D486D4E12A3F395D54AD6725C4DB648F72AE5CBD680A5DA1355158D1055B57C38F1C134F838463ABBA5B45B7DB96D7C697F99BBDC8F851C09AA8BF33763C43555758EA41D7BA90790C8112F8FA09414A49BB16AD74373C541FAA8F23DADD9827662FA10A5204F6BE8A776347A24BF9ACF452531868F0B72BF859E07CC821D3E35AE880EDBF1697205C6BD2F4FB05A03468EE5E7E446624C73E0BCE0A777B366BB32252A9133B30FC0C5FFDCA507997D7599643524DEA23606BEBF78DC576C3D058C8E8E9E2D2C66488A4868210F905C75D25187E69689CDFE279803DB3ADC35B912098CF67CDA51B23E6924B4D6D52E36F4671DD265ABBE3678791C0655443860D433A737FB2D91A92A2CAC83E502FC2F07CEA3FB151EF40A1BB543525AF91035D9A2ADD2C9C330EF127DC903F318CADA31D2268E1716BFA1E92FAACDE9643B3F4E7498B1538C756BF1AFA304E3321A1AFD3BA91ACF1A64FCC58362A2479302F303EFCF0034AEF09DC745BA38E0F66D0A01CDAE430A1DCAA033241A9295875C24A85ACF3E2A64A6D1203B660478D1B1FE4C92D83AA5E8BAF7895D415C747716C66F9C46C48B8B68008E54B4C628F4128D0806081019D77B4C9CDB2CF" scanning hidden files ... scan completed successfully hidden services: 0 hidden files: 0 KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg) Process list by traversal of KiWaitListHead 4 - System 248 - csrss.exe 296 - OUTLOOK.EXE 300 - winlogon.exe 348 - services.exe 360 - lsass.exe 548 - ibmpmsvc.exe 580 - svchost.exe 644 - svchost.exe 692 - svchost.exe 728 - btwdins.exe 776 - DkService.exe 812 - svchost.exe 940 - IPSSVC.EXE 988 - acs.exe 1024 - sched.exe 1040 - AppleMobileDevi 1096 - vsmon.exe 1248 - ctfmon.exe 1284 - inetinfo.exe 1364 - oodag.exe 1384 - mantispm.exe 1636 - ashServ.exe 1760 - avgnt.exe 1824 - spoolsv.exe 1872 - avguard.exe 2108 - tvt_reg_monitor 2140 - TPHDEXLG.exe 2356 - AcSvc.exe 2400 - AwaySch.EXE 2440 - logmon.exe 2472 - pdservice.exe 2708 - SynTPEnh.exe 2896 - ashMaiSv.exe 3300 - iTunesHelper.ex 3304 - SynTPLpr.exe 3328 - TpShocks.exe 3396 - TPOSDSVC.exe 3464 - ashWebSv.exe 3508 - ACWLIcon.exe 3608 - alg.exe 3648 - Amsg.exe 3788 - ashDisp.exe 3792 - cssauth.exe 3904 - explorer.exe 3944 - zlclient.exe 3996 - winamp.exe 4012 - wmiapsrv.exe 4168 - wcescomm.exe 4216 - fum.exe 4268 - PicasaMediaDete 4320 - TeaTimer.exe 4424 - rapimgr.exe 4480 - BTTray.exe 4812 - BTSTAC~1.EXE 5364 - iPodService.exe 5468 - firefox.exe 5820 - taskmgr.exe 5864 - cmd.exe Total number of processes = 59 NOTE: Under WinXP, this will not show all processes. KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg) Driver/Module list by traversal of PsLoadedModuleList 804D7000 - \WINDOWS\system32\ntkrnlpa.exe 806E2000 - \WINDOWS\system32\hal.dll F7ABD000 - \WINDOWS\system32\KDCOM.DLL F79CD000 - \WINDOWS\system32\BOOTVID.dll F748D000 - ACPI.sys F7ABF000 - \WINDOWS\system32\DRIVERS\WMILIB.SYS F747C000 - pci.sys F75BD000 - isapnp.sys F79D1000 - compbatt.sys F79D5000 - \WINDOWS\system32\DRIVERS\BATTC.SYS F7B85000 - pciide.sys F783D000 - \WINDOWS\system32\DRIVERS\PCIIDEX.SYS F745E000 - pcmcia.sys F75CD000 - MountMgr.sys F743F000 - ftdisk.sys F7AC1000 - dmload.sys F7419000 - dmio.sys F7845000 - PartMgr.sys F79D9000 - ACPIEC.sys F7B86000 - \WINDOWS\system32\DRIVERS\OPRGHDLR.SYS F75DD000 - VolSnap.sys F7401000 - atapi.sys F7343000 - iaStor.sys F75ED000 - disk.sys F75FD000 - \WINDOWS\system32\DRIVERS\CLASSPNP.SYS F7323000 - fltMgr.sys F7311000 - sr.sys F72FB000 - DRVMCDB.SYS F760D000 - PxHelp20.sys F72E4000 - KSecDD.sys F7257000 - Ntfs.sys F722A000 - NDIS.sys F720E000 - kl1.sys F784D000 - \WINDOWS\system32\DRIVERS\TDI.SYS F7855000 - ApsHM86.sys F71FA000 - srescan.sys F71DE000 - Apsx86.sys F761D000 - ohci1394.sys F762D000 - \WINDOWS\system32\DRIVERS\1394BUS.SYS F71C3000 - Mup.sys F77BD000 - \SystemRoot\system32\DRIVERS\nic1394.sys F67C9000 - \SystemRoot\system32\DRIVERS\tunmp.sys F6002000 - \SystemRoot\system32\DRIVERS\intelppm.sys F541B000 - \SystemRoot\system32\DRIVERS\igxpmp32.sys F5407000 - \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS F53E2000 - \SystemRoot\system32\DRIVERS\HDAudBus.sys F53B7000 - \SystemRoot\system32\DRIVERS\b57xp32.sys F792D000 - \SystemRoot\system32\DRIVERS\usbuhci.sys F5394000 - \SystemRoot\system32\DRIVERS\USBPORT.SYS F7935000 - \SystemRoot\system32\DRIVERS\usbehci.sys F536C000 - \SystemRoot\system32\drivers\tifm21.sys F5359000 - \SystemRoot\system32\DRIVERS\sdbus.sys F5FF2000 - \SystemRoot\system32\DRIVERS\i8042prt.sys F793D000 - \SystemRoot\system32\DRIVERS\kbdclass.sys F532D000 - \SystemRoot\system32\DRIVERS\SynTP.sys F7B15000 - \SystemRoot\system32\DRIVERS\USBD.SYS F7945000 - \SystemRoot\system32\DRIVERS\mouclass.sys F794D000 - \SystemRoot\system32\DRIVERS\nscirda.sys F67C1000 - \SystemRoot\system32\DRIVERS\irenum.sys F7955000 - \SystemRoot\system32\DRIVERS\atmeltpm.sys F67B9000 - \SystemRoot\system32\DRIVERS\CmBatt.sys F67B5000 - \SystemRoot\system32\DRIVERS\ibmpmdrv.sys F5FE2000 - \SystemRoot\system32\DRIVERS\imapi.sys F795D000 - \SystemRoot\system32\drivers\iviaspi.sys F7B17000 - \SystemRoot\System32\Drivers\DLACDBHM.SYS F5FD2000 - \SystemRoot\system32\DRIVERS\cdrom.sys F5FC2000 - \SystemRoot\system32\DRIVERS\redbook.sys F530A000 - \SystemRoot\system32\DRIVERS\ks.sys F7975000 - \SystemRoot\System32\Drivers\GEARAspiWDM.sys F523A000 - \SystemRoot\system32\DRIVERS\btkrnl.sys F797D000 - \SystemRoot\system32\DRIVERS\tvtpktfilter.sys F7C22000 - \SystemRoot\system32\DRIVERS\audstub.sys F7985000 - \SystemRoot\system32\DRIVERS\rasirda.sys F5FB2000 - \SystemRoot\system32\DRIVERS\rasl2tp.sys F7AA5000 - \SystemRoot\system32\DRIVERS\ndistapi.sys F5223000 - \SystemRoot\system32\DRIVERS\ndiswan.sys F5FA2000 - \SystemRoot\system32\DRIVERS\raspppoe.sys F5F92000 - \SystemRoot\system32\DRIVERS\raspptp.sys F5212000 - \SystemRoot\system32\DRIVERS\psched.sys F5F82000 - \SystemRoot\system32\DRIVERS\msgpc.sys F798D000 - \SystemRoot\system32\DRIVERS\ptilink.sys F7995000 - \SystemRoot\system32\DRIVERS\raspti.sys F51E1000 - \SystemRoot\system32\DRIVERS\rdpdr.sys F5A86000 - \SystemRoot\system32\DRIVERS\termdd.sys F799D000 - \SystemRoot\system32\DRIVERS\psadd.sys F7B19000 - \SystemRoot\system32\DRIVERS\swenum.sys F5188000 - \SystemRoot\system32\DRIVERS\update.sys F7187000 - \SystemRoot\system32\DRIVERS\mssmbios.sys F5A56000 - \SystemRoot\system32\DRIVERS\wsimd.sys F5108000 - \SystemRoot\system32\drivers\btaudio.sys F50E6000 - \SystemRoot\system32\drivers\portcls.sys F5A36000 - \SystemRoot\system32\drivers\drmk.sys F79A5000 - \SystemRoot\system32\DRIVERS\btport.sys F5A26000 - \SystemRoot\System32\Drivers\NDProxy.SYS A9A27000 - \SystemRoot\system32\drivers\ADIHdAud.sys A99F8000 - \SystemRoot\system32\drivers\AEAudio.sys A99A1000 - \SystemRoot\system32\DRIVERS\HSFHWAZL.sys A9887000 - \SystemRoot\system32\DRIVERS\HSF_DPV.sys A979F000 - \SystemRoot\system32\DRIVERS\HSF_CNXT.sys F78C5000 - \SystemRoot\System32\Drivers\Modem.SYS A9C55000 - \SystemRoot\system32\DRIVERS\usbhub.sys F7B67000 - \SystemRoot\System32\Drivers\i2omgmt.SYS A485D000 - \SystemRoot\system32\DRIVERS\klif.sys A3A88000 - \SystemRoot\System32\Drivers\btwusb.sys F7ACF000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS F7C14000 - \SystemRoot\System32\Drivers\Null.SYS F7AD3000 - \SystemRoot\System32\Drivers\Beep.SYS A3EB5000 - \SystemRoot\System32\Drivers\DLARTL_N.SYS A3EAD000 - \SystemRoot\system32\DRIVERS\HIDPARSE.SYS A3EA5000 - \SystemRoot\System32\drivers\vga.sys A3A78000 - \SystemRoot\System32\Drivers\tcusb.sys F7AD5000 - \SystemRoot\System32\Drivers\mnmdd.SYS F7AD7000 - \SystemRoot\System32\DRIVERS\RDPCDD.sys A3E9D000 - \SystemRoot\System32\Drivers\Msfs.SYS A30D5000 - \SystemRoot\System32\Drivers\Npfs.SYS A80BC000 - \SystemRoot\system32\DRIVERS\rasacd.sys A1E22000 - \SystemRoot\system32\DRIVERS\ipsec.sys A1DC9000 - \SystemRoot\system32\DRIVERS\tcpip.sys A3A68000 - \SystemRoot\System32\Drivers\aswTdi.SYS A1DA8000 - \SystemRoot\system32\DRIVERS\ipnat.sys A3A58000 - \SystemRoot\system32\DRIVERS\wanarp.sys A1D80000 - \SystemRoot\system32\DRIVERS\netbt.sys A1D48000 - \SystemRoot\system32\DRIVERS\tcpip6.sys A3A48000 - \SystemRoot\system32\DRIVERS\arp1394.sys A1CE8000 - \SystemRoot\System32\vsdatant.sys A30CD000 - \SystemRoot\system32\DRIVERS\Ip6Fw.sys A1CCA000 - \SystemRoot\system32\DRIVERS\btwdndis.sys A3A38000 - \SystemRoot\system32\DRIVERS\btwhid.sys A3A28000 - \SystemRoot\system32\DRIVERS\HIDCLASS.SYS A5C5E000 - \SystemRoot\system32\DRIVERS\kbdhid.sys A5C5A000 - \SystemRoot\system32\DRIVERS\mouhid.sys A1CA8000 - \SystemRoot\System32\drivers\afd.sys A3A18000 - \SystemRoot\system32\DRIVERS\netbios.sys A30C5000 - \SystemRoot\System32\drivers\TSMAPIP.SYS A30BD000 - \SystemRoot\System32\drivers\Tppwrif.sys A30B5000 - \SystemRoot\system32\DRIVERS\TPHKDRV.sys A30AD000 - \SystemRoot\System32\drivers\TDSMAPI.SYS A30A5000 - \SystemRoot\system32\DRIVERS\ssmdrv.sys A309D000 - \SystemRoot\System32\drivers\Smapint.sys A1C5D000 - \SystemRoot\system32\DRIVERS\rdbss.sys A1BEE000 - \SystemRoot\system32\DRIVERS\mrxsmb.sys F7ADD000 - \??\C:\WINDOWS\system32\Drivers\IBMBLDID.sys A39F8000 - \SystemRoot\System32\Drivers\Fips.SYS A2687000 - \SystemRoot\system32\DRIVERS\avipbb.sys F7AE5000 - \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys A3E99000 - \SystemRoot\System32\drivers\ANC.SYS A308D000 - \SystemRoot\System32\Drivers\Aavmker4.SYS 9C932000 - \SystemRoot\System32\Drivers\Cdfs.SYS 9C082000 - \SystemRoot\System32\Drivers\dump_iaStor.sys BF800000 - \SystemRoot\System32\win32k.sys 9D425000 - \SystemRoot\System32\drivers\Dxapi.sys 9D547000 - \SystemRoot\System32\watchdog.sys BF000000 - \SystemRoot\System32\drivers\dxg.sys F7C16000 - \SystemRoot\System32\drivers\dxgthk.sys BF024000 - \SystemRoot\System32\igxpgd32.dll BF012000 - \SystemRoot\System32\igxprd32.dll BF04E000 - \SystemRoot\System32\igxpdv32.DLL BF1F2000 - \SystemRoot\System32\igxpdx32.DLL BFFA0000 - \SystemRoot\System32\ATMFD.DLL F773D000 - \SystemRoot\System32\Drivers\DRVNDDM.SYS 9C1D2000 - \SystemRoot\System32\DLA\DLADResN.SYS 9C06C000 - \SystemRoot\System32\DLA\DLAIFS_M.SYS F7A9D000 - \SystemRoot\System32\DLA\DLAOPIOM.SYS F7AFF000 - \SystemRoot\System32\DLA\DLAPoolM.SYS F7B01000 - \??\C:\Program Files\Fichiers communs\ThinkVantage Fingerprint Software\Drivers\smihlp.sys 9C850000 - \SystemRoot\System32\DLA\DLABOIOM.SYS 9C054000 - \SystemRoot\System32\DLA\DLAUDFAM.SYS 9C03E000 - \SystemRoot\System32\DLA\DLAUDF_M.SYS 9C028000 - \SystemRoot\system32\DRIVERS\irda.sys 9C012000 - \SystemRoot\system32\DRIVERS\nwlnkipx.sys A9C45000 - \SystemRoot\system32\DRIVERS\nwlnknb.sys 9F636000 - \SystemRoot\system32\DRIVERS\ndisuio.sys A1E75000 - \SystemRoot\System32\Drivers\TDTCP.SYS 9BFC7000 - \SystemRoot\System32\Drivers\RDPWD.SYS 9BFB1000 - \SystemRoot\System32\Drivers\aswMon2.SYS 9BEAE000 - \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys 9BE09000 - \SystemRoot\system32\DRIVERS\mrxdav.sys F796D000 - \SystemRoot\system32\DRIVERS\PROCDD.SYS F7B25000 - \??\C:\WINDOWS\SYSTEM32\EGATHDRV.SYS 9BDA9000 - \SystemRoot\system32\DRIVERS\mdmxsdk.sys F6012000 - \SystemRoot\system32\DRIVERS\nwlnkspx.sys 9BC77000 - \SystemRoot\system32\DRIVERS\srv.sys F7B21000 - \??\C:\WINDOWS\System32\drivers\pmemnt.sys A2617000 - \??\C:\Program Files\Lenovo\SafeGuard PrivateDisk\PrivateDiskM.sys F7C0A000 - \??\C:\Program Files\SMI2\smi2.sys 9BB2F000 - \??\C:\WINDOWS\system32\drivers\tvtfilter.sys 9B478000 - \SystemRoot\System32\Drivers\aswRdr.SYS 9B0C6000 - \SystemRoot\system32\drivers\wdmaud.sys 9B10B000 - \SystemRoot\system32\drivers\sysaudio.sys 9A222000 - \SystemRoot\system32\DRIVERS\ar5211.sys 99E06000 - \SystemRoot\system32\drivers\kmixer.sys F7BD7000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys Total number of drivers = 192 Liste des programmes installes A380 pour FS2004 Access - Aide Activation Assistant for the 2007 Microsoft Office suites Activation Assistant for the 2007 Microsoft Office suites Adobe Flash Player 9 ActiveX Adobe Flash Player 9 ActiveX Adobe Flash Player 9 Plugin Adobe Flash Player ActiveX Adobe Reader 8.1.1 - Français Adobe Shockwave Player Airbus Fleet Apple Mobile Device Support Apple Software Update Archiveur WinRAR Assistant de connexion Windows Live Assistant UltraNav ThinkPad Audacity 1.2.6 AutoUpdate avast! Antivirus Avira AntiVir PersonalEdition Classic Barre de confiance CM-CIC CCleaner (remove only) Celestia 1.3.2 Client Security Solution Combined Community Codec Pack 2007-07-22 Configuration du ThinkPad Correctif pour Windows XP (KB889816) Correctif pour Windows XP (KB893357) Correctif pour Windows XP (KB894686) Correctif pour Windows XP (KB896243) Correctif pour Windows XP (KB896256) Correctif pour Windows XP (KB898456) Correctif pour Windows XP (KB903250) Correctif pour Windows XP (KB909095) Correctif pour Windows XP (KB909667) Correctif pour Windows XP (KB910728) Correctif pour Windows XP (KB916189) Correctif pour Windows XP (KB918005) Correctif pour Windows XP (KB918837) Correctif pour Windows XP (KB928388) Correctif pour Windows XP (KB929120) Correctif Windows XP - KB873339 Correctif Windows XP - KB883517 Correctif Windows XP - KB883523 Correctif Windows XP - KB884020 Correctif Windows XP - KB884575 Correctif Windows XP - KB884868 Correctif Windows XP - KB885250 Correctif Windows XP - KB885835 Correctif Windows XP - KB885836 Correctif Windows XP - KB885855 Correctif Windows XP - KB885894 Correctif Windows XP - KB886185 Correctif Windows XP - KB888113 Correctif Windows XP - KB888239 Correctif Windows XP - KB888302 Correctif Windows XP - KB889315 Correctif Windows XP - KB889673 Correctif Windows XP - KB890047 Correctif Windows XP - KB890175 Correctif Windows XP - KB891781 Correctif Windows XP - KB896613 Creative WebCam NX Ultra Driver (1.01.03.0112) Destinator Console Diskeeper Lite DivX Codec eXPert PDF 4 Extension de Windows Live Toolbar (Windows Live Toolbar) Flight One ATR 72-500 Fonctions d'accessibilité TrackPoint Free Download Manager 2.5 G-Force Galerie de photos Windows Live Gestionnaire d'alimentation ThinkPad Gestionnaire de présentation Help Center High Definition Audio - KB888111 HijackThis 2.0.2 Hotfix for Microsoft .NET Framework 2.0 (KB922981) Incrustation Integrated camera Intel® Graphics Media Accelerator Driver InterVideo Register Manager InterVideo WinDVD InterVideo WinDVD Creator 3 iTunes J2SE Runtime Environment 5.0 Update 6 Java 6 Update 2 K-Lite Mega Codec Pack 3.3.5 LAGO FS Falcon FS2004 version 2.00 Lecteur Windows Media 11 Maintenance Manager Media Player Classic fr Media Star Codec v1.6 Menus intelligents (Windows Live Toolbar) Message Center Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Hotfix (KB928366) Microsoft .NET Framework 2.0 Microsoft .NET Framework 2.0 Microsoft .NET Framework 2.0 Language Pack - FRA Microsoft .NET Framework 3.0 Microsoft .NET Framework 3.0 Microsoft ActiveSync Microsoft Office Access MUI (French) 2007 Microsoft Office Excel MUI (French) 2007 Microsoft Office Home and Student 2007 Microsoft Office Home and Student 2007 Microsoft Office InfoPath MUI (French) 2007 Microsoft Office OneNote MUI (French) 2007 Microsoft Office Outlook MUI (French) 2007 Microsoft Office PowerPoint MUI (French) 2007 Microsoft Office Professional Plus 2007 Microsoft Office Professional Plus 2007 Microsoft Office Proof (Arabic) 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (French) 2007 Microsoft Office Publisher MUI (French) 2007 Microsoft Office Shared MUI (French) 2007 Microsoft Office Word MUI (French) 2007 Microsoft Software Update for Web Folders (French) 12 Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft SQL Server Native Client Microsoft SQL Server VSS Writer Mise à jour de sécurité pour Lecteur Windows Media (KB911564) Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734) Mise à jour de sécurité pour Step by Step Interactive Training (KB898458) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615) Mise à jour de sécurité pour Windows XP (KB890046) Mise à jour de sécurité pour Windows XP (KB893066) Mise à jour de sécurité pour Windows XP (KB893756) Mise à jour de sécurité pour Windows XP (KB896358) Mise à jour de sécurité pour Windows XP (KB896422) Mise à jour de sécurité pour Windows XP (KB896423) Mise à jour de sécurité pour Windows XP (KB896428) Mise à jour de sécurité pour Windows XP (KB899589) Mise à jour de sécurité pour Windows XP (KB899591) Mise à jour de sécurité pour Windows XP (KB900725) Mise à jour de sécurité pour Windows XP (KB901017) Mise à jour de sécurité pour Windows XP (KB901214) Mise à jour de sécurité pour Windows XP (KB902400) Mise à jour de sécurité pour Windows XP (KB904706) Mise à jour de sécurité pour Windows XP (KB905749) Mise à jour de sécurité pour Windows XP (KB908519) Mise à jour de sécurité pour Windows XP (KB908531) Mise à jour de sécurité pour Windows XP (KB911562) Mise à jour de sécurité pour Windows XP (KB911567) Mise à jour de sécurité pour Windows XP (KB911927) Mise à jour de sécurité pour Windows XP (KB913446) Mise à jour de sécurité pour Windows XP (KB914388) Mise à jour de sécurité pour Windows XP (KB917159) Mise à jour de sécurité pour Windows XP (KB917344) Mise à jour de sécurité pour Windows XP (KB917422) Mise à jour de sécurité pour Windows XP (KB917537) Mise à jour de sécurité pour Windows XP (KB918439) Mise à jour de sécurité pour Windows XP (KB920213) Mise à jour de sécurité pour Windows XP (KB920214) Mise à jour de sécurité pour Windows XP (KB920670) Mise à jour de sécurité pour Windows XP (KB920683) Mise à jour de sécurité pour Windows XP (KB921398) Mise à jour de sécurité pour Windows XP (KB921883) Mise à jour de sécurité pour Windows XP (KB922616) Mise à jour de sécurité pour Windows XP (KB923191) Mise à jour de sécurité pour Windows XP (KB923689) Mise à jour de sécurité pour Windows XP (KB939373) Mise à jour de sécurité pour Windows XP (KB941644) Mise à jour de sécurité pour Windows XP (KB943485) Mise à jour pour Windows XP (KB912945) Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA Mozilla Firefox (2.0.0.11) MSXML 4.0 SP2 (KB927978) MSXML 4.0 SP2 (KB936181) MSXML 6.0 Parser (KB933579) O&O Defrag Professional Edition Paint.NET v3.20 PC-Doctor 5 pour Windows Picasa 2 Product Trailers Projet Mach 2 Panel 2004 QuickTime RealAir Simulations SF.260 RecordNow Audio RecordNow Copy RecordNow Data Remove Multimedia Center Rescue and Recovery Rescue and Recovery Critical Patch for Windows Update (KB917422) Security Update for CAPICOM (KB931906) Security Update for CAPICOM (KB931906) Security Update for Excel 2007 (KB936509) Security Update for Excel 2007 (KB936509) Security Update for Office 2007 (KB934062) Security Update for Office 2007 (KB934062) Security Update for Office 2007 (KB936514) Security Update for Office 2007 (KB936514) Security Update for Publisher 2007 (KB936646) Security Update for the 2007 Microsoft Office System (KB936960) Security Update for the 2007 Microsoft Office System (KB936960) Security Update pour Microsoft .NET Framework 2.0 (KB928365) SoftSkies Sonic DLA Sonic Express Labeler Sonic Icons for Lenovo Sonic Update Manager SoundMAX Spybot - Search & Destroy Supplément à Productivity Center pour ThinkPad Surligneur (Windows Live Toolbar) System Migration Assistant System Update Système de protection active ThinkVantage Texas Instruments PCIxx21/x515/xx12 drivers. ThinkPad Bluetooth with Enhanced Data Rate Software ThinkPad FullScreen Magnifier ThinkPad Modem ThinkPad PC Card Power Policy ThinkPad Power Management Driver ThinkPad UltraNav Driver ThinkPad Wireless LAN Adapters Software (11a/b, 11b/g, 11a/b/g) ThinkVantage Access Connections ThinkVantage Fingerprint Software 5.6 ThinkVantage Productivity Center ThinkVantage Secure Data Disposal v1.3 ThinkVantage Technologies Welcome Message TIPCI Update for Office 2007 (KB932080) Update for Office 2007 (KB932080) Update for Office 2007 (KB934391) Update for Office 2007 (KB934391) Update for Office 2007 (KB934393) Update for Office 2007 (KB934393) Update for Outlook 2007 (KB937608) Update for Outlook 2007 Junk Email Filter (kb943597) Update for Word 2007 (KB934173) Update for Word 2007 (KB934173) Utilitaire de personnalisation du clavier ThinkPad Utilitaire ThinkPad EasyEject Utilitaire ThinkPad UltraNav Wallpapers WebFldrs XP Winamp Windows Communication Foundation Windows Genuine Advantage Notifications (KB905474) Windows Genuine Advantage Validation Tool (KB892130) Windows Genuine Advantage Validation Tool (KB892130) Windows Imaging Component Windows Internet Explorer 7 Windows Live Favorites pour Windows Live Toolbar Windows Live installer Windows Live Messenger Windows Media Format 11 runtime Windows Presentation Foundation Windows Workflow Foundation XML Paper Specification Shared Components Pack 1.0 XP Themes ZoneAlarm Le volume dans le lecteur C s'appelle Preload Le numéro de série du volume est C85C-239C Répertoire de C:\Program Files 12/01/2008 11:38 <REP> . 12/01/2008 11:38 <REP> .. 14/06/2007 20:01 <REP> Activation Assistant for the 2007 Microsoft Office suites 20/07/2007 08:52 <REP> Adobe 23/11/2007 05:19 <REP> Alwil Software 14/06/2007 19:29 <REP> Analog Devices 17/07/2007 17:12 <REP> AOL 23/11/2007 05:07 <REP> AOL Security Toolbar 15/09/2007 03:56 <REP> Apple Software Update 11/07/2007 19:01 <REP> Audacity 12/07/2007 07:00 <REP> Avast4 12/01/2008 11:38 <REP> Avira 31/10/2007 06:24 <REP> BarreConfCMCIC 11/07/2007 19:02 <REP> CCleaner 14/07/2007 06:05 <REP> Celestia 18/08/2007 06:29 <REP> Combined Community Codec Pack 15/06/2007 03:05 <REP> ComPlus Applications 14/06/2007 19:29 <REP> CONEXANT 11/07/2007 19:02 <REP> Dactylo 22/08/2007 15:52 <REP> Digital Line Detect 14/06/2007 19:45 <REP> Diskeeper Corporation 29/06/2007 15:16 <REP> DivX 16/01/2008 10:24 <REP> Enigma Software Group 12/01/2008 10:06 <REP> Fichiers communs 21/11/2007 18:45 <REP> Free Download Manager 03/12/2007 20:27 <REP> Google 18/08/2007 06:20 <REP> Haali 16/01/2008 18:11 <REP> HijackThis 11/01/2008 03:44 <REP> Hijackthis Version Française 22/08/2007 15:44 <REP> Intel 07/01/2008 21:53 <REP> InterActual 12/01/2008 07:01 <REP> Internet Explorer 09/12/2007 00:42 <REP> InterVideo 12/11/2007 14:21 <REP> iPod 12/11/2007 14:21 <REP> iTunes 01/09/2007 15:08 <REP> Java 18/08/2007 07:10 <REP> K-Lite Codec Pack 13/11/2007 18:26 <REP> Lenovo 18/08/2007 06:15 <REP> Media Player Classic 16/01/2008 06:47 <REP> MediaStarCodec 29/06/2007 15:42 <REP> Messenger 09/01/2008 10:55 <REP> Microsoft ActiveSync 29/06/2007 16:25 <REP> Microsoft CAPICOM 2.1.0.2 15/06/2007 03:05 <REP> microsoft frontpage 24/07/2007 20:51 <REP> Microsoft Games 25/09/2007 10:09 <REP> Microsoft Office 14/06/2007 20:05 <REP> Microsoft SQL Server 14/11/2007 07:17 <REP> Microsoft SQL Server Compact Edition 25/09/2007 10:10 <REP> Microsoft Visual Studio 25/09/2007 10:07 <REP> Microsoft Visual Studio 8 25/09/2007 09:42 <REP> Microsoft Works 25/09/2007 09:41 <REP> Microsoft.NET 15/06/2007 03:05 <REP> Movie Maker 17/01/2008 05:03 <REP> Mozilla Firefox 25/09/2007 10:10 <REP> MSBuild 15/06/2007 03:05 <REP> MSN 15/06/2007 03:05 <REP> MSN Gaming Zone 14/06/2007 19:25 <REP> MSXML 4.0 15/08/2007 09:19 <REP> MSXML 6.0 22/08/2007 16:08 <REP> Multimedia Center for Think Offerings 15/06/2007 03:05 <REP> NetMeeting 22/08/2007 15:52 <REP> NetWaiting 15/06/2007 03:05 <REP> Online Services 18/07/2007 17:59 <REP> OO Software 29/06/2007 16:25 <REP> Outlook Express 19/12/2007 14:39 <REP> Paint.NET 06/01/2008 15:43 <REP> PCDR5 03/12/2007 20:27 <REP> Picasa2 27/07/2007 08:21 <REP> Product Trailers 12/11/2007 14:18 <REP> QuickTime 11/07/2007 16:28 <REP> Reference Assemblies 15/06/2007 03:05 <REP> Services en ligne 14/06/2007 19:46 <REP> SMI2 22/08/2007 16:08 <REP> Sonic 10/12/2007 06:43 <REP> Sonic Icons for Lenovo 06/01/2008 17:07 <REP> SonicWallES 08/12/2007 04:45 <REP> SoundSpectrum 11/01/2008 04:11 <REP> Spybot - Search & Destroy 29/06/2007 21:02 <REP> Symantec Client Security 14/06/2007 19:27 <REP> Synaptics 22/08/2007 16:01 <REP> ThinkPad 10/12/2007 07:11 <REP> ThinkVantage 12/01/2008 10:09 <REP> ThinkVantage Fingerprint Software 14/06/2007 19:46 <REP> TVT SMBus 11/07/2007 15:58 <REP> Visagesoft 08/01/2008 01:29 <REP> Winamp 11/01/2008 03:57 <REP> Windows Live 14/11/2007 07:21 <REP> Windows Live Favorites 11/01/2008 03:57 <REP> Windows Live Toolbar 29/06/2007 15:57 <REP> Windows Media Connect 2 29/06/2007 15:57 <REP> Windows Media Player 15/06/2007 03:05 <REP> Windows NT 29/06/2007 15:34 <REP> WinRAR 15/06/2007 03:05 <REP> xerox 11/01/2008 03:54 <REP> Yahoo! 05/01/2008 14:46 <REP> ZoneAlarm 0 fichier(s) 0 octets 96 Rép(s) 26 070 335 488 octets libres Le volume dans le lecteur C s'appelle Preload Le numéro de série du volume est C85C-239C Répertoire de C:\Program Files\fichiers communs 12/01/2008 10:06 <REP> . 12/01/2008 10:06 <REP> .. 29/06/2007 15:18 <REP> Adobe 31/08/2007 22:26 <REP> Apple 25/09/2007 09:41 <REP> DESIGNER 14/06/2007 19:37 <REP> Installshield 09/12/2007 00:40 <REP> InterVideo 14/06/2007 19:35 <REP> Java 14/06/2007 19:48 <REP> Lenovo 14/11/2007 07:06 <REP> Microsoft Shared 15/06/2007 03:05 <REP> MSSoap 30/08/2007 17:45 <REP> NSV 15/06/2007 03:05 <REP> ODBC 15/06/2007 03:05 <REP> Services 14/06/2007 19:27 <REP> snp2std 22/08/2007 16:08 <REP> Sonic Shared 15/06/2007 03:05 <REP> SpeechEngines 22/08/2007 16:08 <REP> SureThing Shared 11/01/2008 04:01 <REP> Symantec Shared 25/09/2007 10:06 <REP> System 12/01/2008 10:06 <REP> ThinkVantage Fingerprint Software 14/06/2007 19:28 <REP> Wise Installation Wizard 0 fichier(s) 0 octets 22 Rép(s) 26 070 331 392 octets libres Le volume dans le lecteur C s'appelle Preload Le numéro de série du volume est C85C-239C Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders 25/09/2007 09:41 <REP> . 25/09/2007 09:41 <REP> .. 04/09/2007 10:47 <REP> 1033 25/09/2007 09:38 <REP> 1036 26/10/2006 18:49 970 528 MSONSEXT.DLL 26/10/2006 19:12 40 256 MSOSV.DLL 03/06/1999 21:09 122 937 MSOWS409.DLL 07/03/2001 16:00 127 033 MSOWS40c.DLL 11/07/2003 01:25 80 448 PKMWS.DLL 5 fichier(s) 1 341 202 octets 4 Rép(s) 26 070 331 392 octets libres c:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 7.5.0.20\iTunesSetupAdmin.exe c:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Anti-Virus 7.0.0.123\French\setup.exe c:\Documents and Settings\All Users\Application Data\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe c:\Documents and Settings\H.E.S.C\Application Data\Microsoft\Installer\{1219A9F1-B57E-48C0-AC15-09F423F02F95}\ARPPRODUCTICON.exe c:\Documents and Settings\H.E.S.C\Application Data\Microsoft\Installer\{1219A9F1-B57E-48C0-AC15-09F423F02F95}\SDDShortcut_1219A9F1B57E48C0AC1509F423F02F95.exe c:\Documents and Settings\H.E.S.C\Application Data\Microsoft\Installer\{23275231-8DBD-4283-8AEA-DACF280CDD2D}\_B0A71F8FFE71_473E_9486_F3C79CB7D46C.exe c:\Documents and Settings\H.E.S.C\Application Data\Microsoft\Installer\{53480370-6CA2-47EC-BC05-02B4B9271C31}\ARPPRODUCTICON.exe c:\Documents and Settings\H.E.S.C\Application Data\Microsoft\Installer\{53480370-6CA2-47EC-BC05-02B4B9271C31}\oodcnt_ds.53480300_6789_44B8_908F_AD7D7990104B.exe c:\Documents and Settings\H.E.S.C\Application Data\Microsoft\Installer\{53480370-6CA2-47EC-BC05-02B4B9271C31}\oodcnt_exe.53480300_6789_44B8_908F_AD7D7990104B.exe c:\Documents and Settings\H.E.S.C\Bureau\DiagHelp\catchme.exe c:\Documents and Settings\H.E.S.C\Bureau\DiagHelp\diff.exe c:\Documents and Settings\H.E.S.C\Bureau\DiagHelp\dumphive.exe c:\Documents and Settings\H.E.S.C\Bureau\DiagHelp\FilesInfoCmd.exe c:\Documents and Settings\H.E.S.C\Bureau\DiagHelp\find2.exe c:\Documents and Settings\H.E.S.C\Bureau\DiagHelp\Fport.exe c:\Documents and Settings\H.E.S.C\Bureau\DiagHelp\grep.exe c:\Documents and Settings\H.E.S.C\Bureau\DiagHelp\gzip.exe c:\Documents and Settings\H.E.S.C\Bureau\DiagHelp\KProcCheck.exe c:\Documents and Settings\H.E.S.C\Bureau\DiagHelp\LFiles.exe c:\Documents and Settings\H.E.S.C\Bureau\DiagHelp\LISTDLLS.exe c:\Documents and Settings\H.E.S.C\Bureau\DiagHelp\md5sums.exe c:\Documents and Settings\H.E.S.C\Bureau\DiagHelp\pslist.exe c:\Documents and Settings\H.E.S.C\Bureau\DiagHelp\sigcheck.exe c:\Documents and Settings\H.E.S.C\Bureau\DiagHelp\streams.exe c:\Documents and Settings\H.E.S.C\Bureau\DiagHelp\swreg.exe c:\Documents and Settings\H.E.S.C\Bureau\DiagHelp\tar.exe c:\Documents and Settings\H.E.S.C\Mes documents\HESC\Comptabilité - Gestion\Logiciel de compta\cg32v400.cic.exe c:\Documents and Settings\H.E.S.C\Mes documents\Mes fichiers reçus\free-download-manager_free_download_manager_2.5.715_anglais_12841.exe c:\Documents and Settings\H.E.S.C\Mes documents\Mes fichiers reçus\fs91updFRA.exe c:\Documents and Settings\H.E.S.C\Mes documents\Mes fichiers reçus\AOL AVS\active-virus-shield_active_virus_shield_6.02.621_anglais_23357.exe c:\Documents and Settings\H.E.S.C\Mes documents\Mes fichiers reçus\Logiciel\aswclnr.exe c:\Documents and Settings\H.E.S.C\Mes documents\Mes fichiers reçus\Logiciel\barreconfcmcic.exe c:\Documents and Settings\H.E.S.C\Mes documents\Mes fichiers reçus\Logiciel\ccsetup202.exe c:\Documents and Settings\H.E.S.C\Mes documents\Mes fichiers reçus\Logiciel\winamp55_full_emusic-7plus_fr-fr.exe c:\Documents and Settings\H.E.S.C\Mes documents\Mes fichiers reçus\Logiciel\winamp550_patch_officiel_todae.exe c:\Documents and Settings\H.E.S.C\Mes documents\Mes fichiers reçus\Logiciel\WLinstaller.exe c:\Documents and Settings\Administrateur\Local Settings\Application Data\Seven Zip\Codecs\7zAes.dll c:\Documents and Settings\Administrateur\Local Settings\Application Data\Seven Zip\Codecs\Aes.dll c:\Documents and Settings\Administrateur\Local Settings\Application Data\Seven Zip\Codecs\Branch.dll c:\Documents and Settings\Administrateur\Local Settings\Application Data\Seven Zip\Codecs\Copy.dll c:\Documents and Settings\Administrateur\Local Settings\Application Data\Seven Zip\Codecs\LZMA.dll c:\Documents and Settings\Administrateur\Local Settings\Application Data\Seven Zip\Codecs\Swap.dll c:\Documents and Settings\Administrateur\Local Settings\Application Data\Seven Zip\Formats\7z.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\avewin32.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon i350\LanguageModules405\CNMlr53.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon i350\LanguageModules405\CNMsr53.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon i350\LanguageModules405\CNMur53.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon i350\LanguageModules406\CNMlr53.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon i350\LanguageModules406\CNMsr53.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon i350\LanguageModules406\CNMur53.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon i350\LanguageModules407\CNMlr53.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon i350\LanguageModules407\CNMsr53.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon i350\LanguageModules407\CNMur53.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon i350\LanguageModules408\CNMlr53.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon i350\LanguageModules408\CNMsr53.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon i350\LanguageModules408\CNMur53.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon i350\LanguageModules409\CNMlr53.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon i350\LanguageModules409\CNMsr53.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon i350\LanguageModules409\CNMur53.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon i350\LanguageModules40b\CNMlr53.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon i350\LanguageModules40b\CNMsr53.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon i350\LanguageModules40b\CNMur53.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon i350\LanguageModules40c\CNMlr53.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon i350\LanguageModules40c\CNMsr53.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon i350\LanguageModules40c\CNMur53.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon i350\LanguageModules40e\CNMlr53.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon i350\LanguageModules40e\CNMsr53.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon i350\LanguageModules40e\CNMur53.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon i350\LanguageModules410\CNMlr53.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon i350\LanguageModules410\CNMsr53.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon i350\LanguageModules410\CNMur53.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon i350\LanguageModules413\CNMlr53.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon i350\LanguageModules413\CNMsr53.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon i350\LanguageModules413\CNMur53.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon i350\LanguageModules414\CNMlr53.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon i350\LanguageModules414\CNMsr53.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon i350\LanguageModules414\CNMur53.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon i350\LanguageModules415\CNMlr53.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon i350\LanguageModules415\CNMsr53.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon i350\LanguageModules415\CNMur53.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon i350\LanguageModules419\CNMlr53.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon i350\LanguageModules419\CNMsr53.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon i350\LanguageModules419\CNMur53.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon i350\LanguageModules41D\CNMlr53.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon i350\LanguageModules41D\CNMsr53.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon i350\LanguageModules41D\CNMur53.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon i350\LanguageModules816\CNMlr53.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon i350\LanguageModules816\CNMsr53.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon i350\LanguageModules816\CNMur53.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon i350\LanguageModulesc0a\CNMlr53.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon i350\LanguageModulesc0a\CNMsr53.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon i350\LanguageModulesc0a\CNMur53.dll c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll c:\Documents and Settings\All Users\Application Data\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\mia.dll c:\Documents and Settings\Default User\Local Settings\Application Data\Seven Zip\Codecs\7zAes.dll c:\Documents and Settings\Default User\Local Settings\Application Data\Seven Zip\Codecs\Aes.dll c:\Documents and Settings\Default User\Local Settings\Application Data\Seven Zip\Codecs\Branch.dll c:\Documents and Settings\Default User\Local Settings\Application Data\Seven Zip\Codecs\Copy.dll c:\Documents and Settings\Default User\Local Settings\Application Data\Seven Zip\Codecs\LZMA.dll c:\Documents and Settings\Default User\Local Settings\Application Data\Seven Zip\Codecs\Swap.dll c:\Documents and Settings\Default User\Local Settings\Application Data\Seven Zip\Formats\7z.dll c:\Documents and Settings\H.E.S.C\Local Settings\Application Data\Seven Zip\Codecs\7zAes.dll c:\Documents and Settings\H.E.S.C\Local Settings\Application Data\Seven Zip\Codecs\Aes.dll c:\Documents and Settings\H.E.S.C\Local Settings\Application Data\Seven Zip\Codecs\Branch.dll c:\Documents and Settings\H.E.S.C\Local Settings\Application Data\Seven Zip\Codecs\Copy.dll c:\Documents and Settings\H.E.S.C\Local Settings\Application Data\Seven Zip\Codecs\LZMA.dll c:\Documents and Settings\H.E.S.C\Local Settings\Application Data\Seven Zip\Codecs\Swap.dll c:\Documents and Settings\H.E.S.C\Local Settings\Application Data\Seven Zip\Formats\7z.dll c:\Documents and Settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll ****** Fin du rapport DiagHelp Merci, à bientôt.
  24. leredge
    Bonjour gof, Merci pour ta réponse et à bientôt. Voici ci-dessous le rapport hijackthis. Une précision, j'ai essayé de m'en sortir tour seul sans s'y parvenir. C'est pour cette raison que ce rapport date du 12.01.08. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 07:50:12, on 12/01/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16574) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\ibmpmsvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\IPSSVC.EXE C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe C:\WINDOWS\system32\acs.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe C:\WINDOWS\system32\inetsrv\inetinfo.exe C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe C:\WINDOWS\system32\oodag.exe C:\WINDOWS\system32\svchost.exe c:\program files\lenovo\system update\suservice.exe C:\Program Files\Fichiers communs\Lenovo\tvt_reg_monitor_svc.exe C:\WINDOWS\System32\TPHDEXLG.exe C:\WINDOWS\system32\TpKmpSVC.exe C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe C:\Program Files\Fichiers communs\Lenovo\Scheduler\tvtsched.exe C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe C:\Program Files\Fichiers communs\Lenovo\Logger\logmon.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\System32\alg.exe C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\Lenovo\Client Security Solution\cssauth.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\svchost.exe C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\system32\TpShocks.exe C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe C:\Program Files\Lenovo\AwayTask\AwaySch.EXE C:\Program Files\ThinkVantage\AMSG\Amsg.exe C:\Program Files\Fichiers communs\Lenovo\Scheduler\scheduler_proxy.exe C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe C:\Program Files\Lenovo\PkgMgr\HOTKEY_1\TpScrex.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\ThinkPad\UltraNav Wizard\UNavTray.EXE C:\Program Files\Lenovo\SafeGuard PrivateDisk\pdservice.exe C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe C:\WINDOWS\System32\DLA\DLACTRLW.EXE C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\ZoneAlarm\zlclient.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Microsoft ActiveSync\Wcescomm.exe C:\Program Files\Free Download Manager\fum\fum.exe C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe C:\PROGRA~1\MI3AA1~1\rapimgr.exe C:\PROGRA~1\ThinkPad\BLUETO~1\BTSTAC~1.EXE C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Winamp\winamp.exe C:\WINDOWS\system32\taskmgr.exe C:\PROGRA~1\FREEDO~1\fdm.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe C:\Program Files\HijackThis\HijackThis.exe C:\WINDOWS\system32\wbem\wmiprvse.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: BHO Barre de Confiance - {988B07F5-7392-455A-8A1F-64935CB8B6ED} - C:\Program Files\BarreConfCMCIC\TAPBar.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll O2 - BHO: CPwmIEBrowserHelper Object - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll O3 - Toolbar: Barre de confiance - {55BDF3B0-C0A8-481A-B8A6-01CD2BE0F3FD} - C:\Program Files\BarreConfCMCIC\TAPBar.dll O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor O4 - HKLM\..\Run: rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [TpShocks] TpShocks.exe O4 - HKLM\..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe" O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper O4 - HKLM\..\Run: [TPFNF7] C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe /r O4 - HKLM\..\Run: [AwaySch] C:\Program Files\Lenovo\AwayTask\AwaySch.EXE O4 - HKLM\..\Run: [AMSG] C:\Program Files\ThinkVantage\AMSG\Amsg.exe O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program Files\Fichiers communs\Lenovo\Scheduler\scheduler_proxy.exe O4 - HKLM\..\Run: [TP4EX] tp4ex.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [PDService.exe] "C:\Program Files\Lenovo\SafeGuard PrivateDisk\pdservice.exe" O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE O4 - HKLM\..\Run: [cssauth] "C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silent O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [ACTray] C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe O4 - HKLM\..\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [spyHunter Security Suite] C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe" O4 - HKCU\..\Run: [Free Upload Manager] "C:\Program Files\Free Download Manager\fum\fum.exe" -autorun O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: BTTray.lnk = ? O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm O9 - Extra button: (no name) - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll O9 - Extra 'Tools' menuitem: ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {6CCE3920-3183-4B3D-808A-B12EB769DE12} (CSS Web Installer Class) - http://www.commandondemand.com/eval/cod/cabs/cssweb.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1183127923437 O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.inoculer.com/antivirus/Msie/bitdefender.cab O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshel...ronGameHost.cab O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing) O20 - Winlogon Notify: AwayNotify - C:\Program Files\Lenovo\AwayTask\AwayNotify.dll O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe O23 - Service: Atheros Configuration Service (acs) - Atheros - C:\WINDOWS\system32\acs.exe O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\WINDOWS\system32\ibmpmsvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Service de base IPS (IPSSVC) - Lenovo Group Limited - C:\WINDOWS\system32\IPSSVC.EXE O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe (file missing) O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\program files\lenovo\system update\suservice.exe O23 - Service: ThinkVantage Registry Monitor Service - Unknown owner - C:\Program Files\Fichiers communs\Lenovo\tvt_reg_monitor_svc.exe O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.exe O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe O23 - Service: TSS Core Service (TSSCoreService) - IBM - C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe O23 - Service: TVT Scheduler - Lenovo Group Limited - C:\Program Files\Fichiers communs\Lenovo\Scheduler\tvtsched.exe O23 - Service: tvtnetwk - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe -- End of file - 15914 bytes
  25. leredge
    salut à tous, mon ordi est infecté par le virus trojan vundo. L'ordi démarre tout seul. Je n'arrive pas en m'en séparer. quelqu'un peut m'aider ? Merci par avance.
×
×
  • Créer...